pref: 优化MFA (#7153)

* perf: 优化mfa 和登录 * perf: stash * stash * pref: 基本完成 * perf: remove init function * perf: 优化命名 * perf: 优化backends * perf: 基本完成优化 * perf: 修复首页登录时没有 toastr 的问题 Co-authored-by: ibuler <ibuler@qq.com> Co-authored-by: Jiangjie.Bai <32935519+BaiJiangJie@users.noreply.github.com>
2025-09-16 23:38:36 +00:00 · 2021-11-10 11:30:48 +08:00
parent bac974b4f2
commit 17303c0550
44 changed files with 1373 additions and 977 deletions
--- a/apps/authentication/views/login.py
+++ b/apps/authentication/views/login.py
@@ -122,16 +122,16 @@ class UserLoginView(mixins.AuthMixin, FormView):
            self.request.session.set_test_cookie()
            return self.render_to_response(context)
        except (
-                errors.PasswdTooSimple,
+                errors.PasswordTooSimple,
                errors.PasswordRequireResetError,
-                errors.PasswdNeedUpdate,
+                errors.PasswordNeedUpdate,
                errors.OTPBindRequiredError
        ) as e:
            return redirect(e.url)
        except (
                errors.MFAFailedError,
                errors.BlockMFAError,
-                errors.OTPCodeRequiredError,
+                errors.MFACodeRequiredError,
                errors.SMSCodeRequiredError,
                errors.UserPhoneNotSet
        ) as e:
@@ -199,7 +199,7 @@ class UserLoginView(mixins.AuthMixin, FormView):
            'demo_mode': os.environ.get("DEMO_MODE"),
            'auth_methods': self.get_support_auth_methods(),
            'forgot_password_url': self.get_forgot_password_url(),
-            'methods': self.get_user_mfa_methods(),
+            **self.get_user_mfa_context(self.request.user)
        }
        kwargs.update(context)
        return super().get_context_data(**kwargs)
@@ -208,7 +208,7 @@ class UserLoginView(mixins.AuthMixin, FormView):
 class UserLoginGuardView(mixins.AuthMixin, RedirectView):
    redirect_field_name = 'next'
    login_url = reverse_lazy('authentication:login')
-    login_otp_url = reverse_lazy('authentication:login-otp')
+    login_mfa_url = reverse_lazy('authentication:login-mfa')
    login_confirm_url = reverse_lazy('authentication:login-wait-confirm')

    def format_redirect_url(self, url):
@@ -229,15 +229,16 @@ class UserLoginGuardView(mixins.AuthMixin, RedirectView):
            user = self.check_user_auth_if_need()
            self.check_user_mfa_if_need(user)
            self.check_user_login_confirm_if_need(user)
-        except (errors.CredentialError, errors.SessionEmptyError):
+        except (errors.CredentialError, errors.SessionEmptyError) as e:
+            print("Error: ", e)
            return self.format_redirect_url(self.login_url)
        except errors.MFARequiredError:
-            return self.format_redirect_url(self.login_otp_url)
+            return self.format_redirect_url(self.login_mfa_url)
        except errors.LoginConfirmBaseError:
            return self.format_redirect_url(self.login_confirm_url)
        except errors.MFAUnsetError as e:
            return e.url
-        except errors.PasswdTooSimple as e:
+        except errors.PasswordTooSimple as e:
            return e.url
        else:
            self.login_it(user)
--- a/apps/authentication/views/mfa.py
+++ b/apps/authentication/views/mfa.py
@@ -3,32 +3,39 @@

 from __future__ import unicode_literals
 from django.views.generic.edit import FormView
-from django.utils.translation import gettext_lazy as _
-from django.conf import settings
+
+from common.utils import get_logger
 from .. import forms, errors, mixins
 from .utils import redirect_to_guard_view

-from common.utils import get_logger
-
 logger = get_logger(__name__)
-__all__ = ['UserLoginOtpView']
+__all__ = ['UserLoginMFAView']


-class UserLoginOtpView(mixins.AuthMixin, FormView):
-    template_name = 'authentication/login_otp.html'
+class UserLoginMFAView(mixins.AuthMixin, FormView):
+    template_name = 'authentication/login_mfa.html'
    form_class = forms.UserCheckOtpCodeForm
    redirect_field_name = 'next'

+    def get(self, *args, **kwargs):
+        try:
+            self.get_user_from_session()
+        except errors.SessionEmptyError:
+            return redirect_to_guard_view()
+        return super().get(*args, **kwargs)
+
    def form_valid(self, form):
        code = form.cleaned_data.get('code')
        mfa_type = form.cleaned_data.get('mfa_type')

        try:
-            self.check_user_mfa(code, mfa_type)
+            self._do_check_user_mfa(code, mfa_type)
            return redirect_to_guard_view()
        except (errors.MFAFailedError, errors.BlockMFAError) as e:
            form.add_error('code', e.msg)
            return super().form_invalid(form)
+        except errors.SessionEmptyError:
+            return redirect_to_guard_view()
        except Exception as e:
            logger.error(e)
            import traceback
@@ -37,6 +44,7 @@ class UserLoginOtpView(mixins.AuthMixin, FormView):

    def get_context_data(self, **kwargs):
        user = self.get_user_from_session()
-        methods = self.get_user_mfa_methods(user)
-        kwargs.update({'methods': methods})
+        mfa_context = self.get_user_mfa_context(user)
+        kwargs.update(mfa_context)
        return kwargs
+