Topic: django-auth-ldap + sms acknowledgement for exterior visitors.

Kind time of days!
On a local server implemented SSO by means of library django-auth-ldap, works predictably, the user with domain  walks on a site. But... Thinking of the functional extension, arrived at idea that is required to implement also and an input on a building a site through the exterior Internet, on the same login and the password, only to all it is necessary to send plus  with confirming code. In what actually a question: what mechanisms implementation such here two-factor authorization is possible?
At an input through ldap in django there is a user actually which and it will be necessary to check already (probably) and if the first input with  was not, and the user in basis django is not present? It turns out at me there should be two addresses for an input, one for the internal users, the second for exterior?
I thank for addressing words))