fix: Solve the problem that mfa cannot jump to the original URL

pull/14445/head
jiangweidong 2 weeks ago
parent 690f525afc
commit 5ff4a16fc6

@ -311,6 +311,7 @@ class UserLoginView(mixins.AuthMixin, UserLoginContextMixin, FormView):
class UserLoginGuardView(mixins.AuthMixin, RedirectView): class UserLoginGuardView(mixins.AuthMixin, RedirectView):
query_string = True
redirect_field_name = 'next' redirect_field_name = 'next'
login_url = reverse_lazy('authentication:login') login_url = reverse_lazy('authentication:login')
login_mfa_url = reverse_lazy('authentication:login-mfa') login_mfa_url = reverse_lazy('authentication:login-mfa')

@ -3,11 +3,10 @@
from __future__ import unicode_literals from __future__ import unicode_literals
from django.views.generic.edit import FormView from django.views.generic.edit import FormView
from django.shortcuts import redirect from django.shortcuts import redirect, reverse
from common.utils import get_logger from common.utils import get_logger
from .. import forms, errors, mixins from .. import forms, errors, mixins
from .utils import redirect_to_guard_view
logger = get_logger(__name__) logger = get_logger(__name__)
__all__ = ['UserLoginMFAView'] __all__ = ['UserLoginMFAView']
@ -22,7 +21,7 @@ class UserLoginMFAView(mixins.AuthMixin, FormView):
try: try:
user = self.get_user_from_session() user = self.get_user_from_session()
except errors.SessionEmptyError: except errors.SessionEmptyError:
return redirect_to_guard_view('session_empty') return self.redirect_to_guard_view('session_empty')
try: try:
self._check_if_no_active_mfa(user) self._check_if_no_active_mfa(user)
@ -31,6 +30,13 @@ class UserLoginMFAView(mixins.AuthMixin, FormView):
return super().get(*args, **kwargs) return super().get(*args, **kwargs)
def redirect_to_guard_view(self, comment=''):
guard_url = reverse('authentication:login-guard') + '?_=' + comment
args = self.request.META.get('QUERY_STRING', '')
if args:
guard_url = "%s&%s" % (guard_url, args)
return redirect(guard_url)
def form_valid(self, form): def form_valid(self, form):
from users.utils import MFABlockUtils from users.utils import MFABlockUtils
code = form.cleaned_data.get('code') code = form.cleaned_data.get('code')
@ -40,17 +46,17 @@ class UserLoginMFAView(mixins.AuthMixin, FormView):
self._do_check_user_mfa(code, mfa_type) self._do_check_user_mfa(code, mfa_type)
user, ip = self.get_user_from_session(), self.get_request_ip() user, ip = self.get_user_from_session(), self.get_request_ip()
MFABlockUtils(user.username, ip).clean_failed_count() MFABlockUtils(user.username, ip).clean_failed_count()
return redirect_to_guard_view('mfa_ok') return self.redirect_to_guard_view('mfa_ok')
except (errors.MFAFailedError, errors.BlockMFAError) as e: except (errors.MFAFailedError, errors.BlockMFAError) as e:
form.add_error('code', e.msg) form.add_error('code', e.msg)
return super().form_invalid(form) return super().form_invalid(form)
except errors.SessionEmptyError: except errors.SessionEmptyError:
return redirect_to_guard_view('session_empty') return self.redirect_to_guard_view('session_empty')
except Exception as e: except Exception as e:
logger.error(e) logger.error(e)
import traceback import traceback
traceback.print_exc() traceback.print_exc()
return redirect_to_guard_view('unexpect') return self.redirect_to_guard_view('unexpect')
def get_context_data(self, **kwargs): def get_context_data(self, **kwargs):
user = self.get_user_from_session() user = self.get_user_from_session()

@ -1,8 +0,0 @@
# -*- coding: utf-8 -*-
#
from django.shortcuts import reverse, redirect
def redirect_to_guard_view(comment=''):
continue_url = reverse('authentication:login-guard') + '?_=' + comment
return redirect(continue_url)
Loading…
Cancel
Save