diff --git a/apps/authentication/middleware.py b/apps/authentication/middleware.py
index 9a5e4e793..ff050f815 100644
--- a/apps/authentication/middleware.py
+++ b/apps/authentication/middleware.py
@@ -7,8 +7,11 @@ class MFAMiddleware:
 
     def __call__(self, request):
         response = self.get_response(request)
-        if request.path.find('/auth/login/otp/') > -1:
-            return response
+
+        white_urls = ['login/mfa', 'mfa/select', 'jsi18n/', '/static/']
+        for url in white_urls:
+            if request.path.find(url) > -1:
+                return response
         if request.session.get('auth_mfa_required'):
             return redirect('authentication:login-mfa')
         return response
diff --git a/apps/authentication/mixins.py b/apps/authentication/mixins.py
index 7491b3b9e..88437dd16 100644
--- a/apps/authentication/mixins.py
+++ b/apps/authentication/mixins.py
@@ -417,12 +417,10 @@ class AuthACLMixin:
             self.request.session["auth_confirm"] = "1"
             return
         elif ticket.state_reject:
-            self.clean_mfa_mark()
             raise errors.LoginConfirmOtherError(
                 ticket.id, ticket.get_state_display()
             )
         elif ticket.state_close:
-            self.clean_mfa_mark()
             raise errors.LoginConfirmOtherError(
                 ticket.id, ticket.get_state_display()
             )
diff --git a/apps/authentication/signals_handlers.py b/apps/authentication/signals_handlers.py
index d895c8498..942739531 100644
--- a/apps/authentication/signals_handlers.py
+++ b/apps/authentication/signals_handlers.py
@@ -7,7 +7,6 @@ from django.dispatch import receiver
 from django_cas_ng.signals import cas_user_authenticated
 
 from jms_oidc_rp.signals import openid_user_login_failed, openid_user_login_success
-
 from .signals import post_auth_success, post_auth_failed
 
 
diff --git a/apps/perms/filters.py b/apps/perms/filters.py
index f56927436..c3a5a4b16 100644
--- a/apps/perms/filters.py
+++ b/apps/perms/filters.py
@@ -143,7 +143,7 @@ class AssetPermissionFilter(PermissionBaseFilter):
         if not _nodes:
             return queryset.none()
 
-        node = _nodes.get()
+        node = _nodes.first()
 
         if not is_query_all:
             queryset = queryset.filter(nodes=node)
@@ -170,7 +170,7 @@ class AssetPermissionFilter(PermissionBaseFilter):
             return queryset
         if not assets:
             return queryset.none()
-        asset = assets.get()
+        asset = assets.first()
 
         if not is_query_all:
             queryset = queryset.filter(assets=asset)