feat: 首页的 chanlege 和 MFA 统一 (#6989)

* feat: 首页的 chanlege 和 MFA 统一 * 登陆样式调整 * mfa bug * q * m * mfa封装组件前端可修改配置 * perf: 添加翻译 * login css bug * perf: 修改一些风格 * perf: 修改命名 * perf: 修改 mfa code 不是必填 * mfa 前端统一组件 * stash * perf: 统一验证码 Co-authored-by: feng626 <1304903146@qq.com> Co-authored-by: ibuler <ibuler@qq.com>
2025-09-03 00:15:20 +00:00 · 2021-10-18 18:41:41 +08:00
parent fa68389028
commit 63638ed1ce
19 changed files with 707 additions and 286 deletions
--- a/apps/settings/serializers/security.py
+++ b/apps/settings/serializers/security.py
@@ -70,14 +70,40 @@ class SecurityAuthSerializer(serializers.Serializer):
        help_text=_("Only log in from the user source property")
    )
    SECURITY_MFA_VERIFY_TTL = serializers.IntegerField(
-        min_value=5, max_value=60*60*10,
-        label=_("MFA verify TTL"), help_text=_("Unit: second"),
+        min_value=5, max_value=60 * 60 * 10,
+        label=_("MFA verify TTL"),
+        help_text=_("Unit: second, The verification MFA takes effect only when you view the account password"),
+    )
+    SECURITY_LOGIN_CHALLENGE_ENABLED = serializers.BooleanField(
+        required=False, default=False,
+        label=_("Enable Login dynamic code"),
+        help_text=_("The password and additional code are sent to a third party "
+                    "authentication system for verification")
+    )
+    SECURITY_MFA_IN_LOGIN_PAGE = serializers.BooleanField(
+        required=False, default=False,
+        label=_("MFA in login page"),
+        help_text=_("Eu security regulations(GDPR) require MFA to be on the login page")
    )
    SECURITY_LOGIN_CAPTCHA_ENABLED = serializers.BooleanField(
-        required=False, default=True,
-        label=_("Enable Login captcha")
+        required=False, default=False, label=_("Enable Login captcha"),
+        help_text=_("Enable captcha to prevent robot authentication")
    )

+    def validate(self, attrs):
+        if attrs.get('SECURITY_MFA_AUTH') != 1:
+            attrs['SECURITY_MFA_IN_LOGIN_PAGE'] = False
+        return attrs
+
+    def to_representation(self, instance):
+        data = super().to_representation(instance)
+        if data['SECURITY_LOGIN_CHALLENGE_ENABLED']:
+            data['SECURITY_MFA_IN_LOGIN_PAGE'] = False
+            data['SECURITY_LOGIN_CAPTCHA_ENABLED'] = False
+        elif data['SECURITY_MFA_IN_LOGIN_PAGE']:
+            data['SECURITY_LOGIN_CAPTCHA_ENABLED'] = False
+        return data
+

 class SecuritySettingSerializer(SecurityPasswordRuleSerializer, SecurityAuthSerializer):
    SECURITY_SERVICE_ACCOUNT_REGISTRATION = serializers.BooleanField(
@@ -118,4 +144,3 @@ class SecuritySettingSerializer(SecurityPasswordRuleSerializer, SecurityAuthSeri
        required=False, label=_('Login Confirm'),
        help_text=_("Enabled, please go to the user detail add approver")
    )
-