github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-09-20 11:00:35 +00:00
Code Issues Projects Releases Wiki Activity

perf: MFA coce reuse

Browse Source
This commit is contained in:
feng
2025-07-22 16:06:33 +08:00
parent 38b268b104
commit 4e8c9b60cb
1 changed files with 12 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
apps/authentication/mfa/base.py
View File

@@ -1,5 +1,6 @@
import abc import abc
from django.conf import settings
from django.core.cache import cache from django.core.cache import cache
from django.utils.translation import gettext_lazy as _ from django.utils.translation import gettext_lazy as _
@@ -23,7 +24,12 @@ class BaseMFA(abc.ABC):
cache_key = f'{self.name}_{self.user.username}' cache_key = f'{self.name}_{self.user.username}'
cache_code = cache.get(cache_key) cache_code = cache.get(cache_key)
if cache_code == code:
is_match = cache_code == code
if is_match:
if not settings.SAFE_MODE:
return True, ''
else:
return False, _( return False, _(
"The two-factor code you entered has either already been used or has expired. " "The two-factor code you entered has either already been used or has expired. "
"Please request a new one." "Please request a new one."
@@ -33,7 +39,7 @@ class BaseMFA(abc.ABC):
if not ok: if not ok:
return False, msg return False, msg
cache.set(cache_key, code, 60 * 5) cache.set(cache_key, code, 60)
return True, msg return True, msg
def is_authenticated(self): def is_authenticated(self):