github/jumpserver
1
0
Fork 0
mirror of https://github.com/jumpserver/jumpserver.git synced 2025-09-10 20:00:10 +00:00
Code Issues Projects Releases Wiki Activity

perf: 优化写法 (#7498)

Browse Source 
* fix: 修复登录页输入 mfa 时不支持 某 mfa 的错误提示

fix tapd 1145454465001008371

* perf: 优化 send code api,避免暴力常识

* perf: 优化写法

* Update mfa.py

Co-authored-by: ibuler <ibuler@qq.com>
Co-authored-by: Jiangjie.Bai <32935519+BaiJiangJie@users.noreply.github.com>
This commit is contained in:
fit2bot
2022-01-17 19:05:01 +08:00
committed by GitHub
parent 088676d998
commit c43ad981bd
3 changed files with 17 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

13
apps/authentication/api/mfa.py
View File

@@ -47,12 +47,21 @@ class MFASendCodeApi(AuthMixin, CreateAPIView):
self.incr_mfa_failed_time(username, self.ip)
raise e
def get_user_from_db(self, username):
"""避免暴力测试用户名"""
ip = self.get_request_ip()
self.check_mfa_is_block(username, ip)
try:
user = get_object_or_404(User, username=username)
return user
except Exception as e:
self.incr_mfa_failed_time(username, ip)
raise e
def perform_create(self, serializer):
username = serializer.validated_data.get('username', '')
mfa_type = serializer.validated_data['type']
self.ip = self.get_request_ip()
self.check_mfa_is_block(username, self.ip)
if not username:
user = self.get_user_from_session()
else: