github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-06-24 14:02:01 +00:00
Code Issues Projects Releases Wiki Activity

fix: OTP_IN_RADIUS 与 mfa 冲突

Browse Source
This commit is contained in:
xinwen 2021-09-13 15:57:04 +08:00 committed by Jiangjie.Bai
parent fc8181b5ed
commit 09d51fd5be
2 changed files with 6 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
apps/authentication/mixins.py
View File

@ -346,6 +346,10 @@ class AuthMixin(PasswordEncryptionViewMixin):
def check_user_mfa_if_need(self, user): def check_user_mfa_if_need(self, user):
if self.request.session.get('auth_mfa'): if self.request.session.get('auth_mfa'):
return return
if settings.OTP_IN_RADIUS:
return
if not user.mfa_enabled: if not user.mfa_enabled:
return return
unset, url = user.mfa_enabled_but_not_set() unset, url = user.mfa_enabled_but_not_set()

3
apps/authentication/signals_handlers.py
View File

@ -14,7 +14,8 @@ from .signals import post_auth_success, post_auth_failed
@receiver(user_logged_in) @receiver(user_logged_in)
def on_user_auth_login_success(sender, user, request, **kwargs): def on_user_auth_login_success(sender, user, request, **kwargs):
# 开启了 MFA且没有校验过 # 开启了 MFA且没有校验过
if user.mfa_enabled and not request.session.get('auth_mfa'):
if user.mfa_enabled and not settings.OTP_IN_RADIUS and not request.session.get('auth_mfa'):
request.session['auth_mfa_required'] = 1 request.session['auth_mfa_required'] = 1
if settings.USER_LOGIN_SINGLE_MACHINE_ENABLED: if settings.USER_LOGIN_SINGLE_MACHINE_ENABLED: