From 8c277e8875124adddae78ad596921a4648afdf63 Mon Sep 17 00:00:00 2001
From: fit2bot <68588906+fit2bot@users.noreply.github.com>
Date: Wed, 14 Sep 2022 16:17:51 +0800
Subject: [PATCH] =?UTF-8?q?fix:=20=E4=BF=AE=E5=A4=8Dmfa=E5=A4=B1=E6=95=88?=
 =?UTF-8?q?=E6=97=A5=E6=9C=9F=20=E5=A4=B1=E6=95=88=E9=97=AE=E9=A2=98=20(#8?=
 =?UTF-8?q?862)?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Co-authored-by: feng626 <1304903146@qq.com>
---
 apps/common/permissions.py | 12 +++++++++---
 1 file changed, 9 insertions(+), 3 deletions(-)

diff --git a/apps/common/permissions.py b/apps/common/permissions.py
index b6ba60ac9..7ce39e1a4 100644
--- a/apps/common/permissions.py
+++ b/apps/common/permissions.py
@@ -62,16 +62,22 @@ class UserConfirmation(permissions.BasePermission):
 
         confirm_level = request.session.get('CONFIRM_LEVEL')
         confirm_time = request.session.get('CONFIRM_TIME')
-
+        ttl = self.get_ttl()
         if not confirm_level or not confirm_time or \
                 confirm_level < self.min_level or \
-                confirm_time < time.time() - self.ttl:
+                confirm_time < time.time() - ttl:
             raise UserConfirmRequired(code=self.confirm_type)
         return True
 
+    def get_ttl(self):
+        if self.confirm_type == ConfirmType.MFA:
+            ttl = settings.SECURITY_MFA_VERIFY_TTL
+        else:
+            ttl = self.ttl
+        return ttl
+
     @classmethod
     def require(cls, confirm_type=ConfirmType.ReLogin, ttl=60 * 5):
         min_level = ConfirmType.values.index(confirm_type) + 1
-        ttl = settings.SECURITY_MFA_VERIFY_TTL if confirm_type == ConfirmType.MFA else ttl
         name = 'UserConfirmationLevel{}TTL{}'.format(min_level, ttl)
         return type(name, (cls,), {'min_level': min_level, 'ttl': ttl, 'confirm_type': confirm_type})