fix: 修复登录时没有绑定mfa，没有跳转的问题

fix: 首页登录如果没有则后续登录

apps/authentication/errors.py

@@ -66,7 +66,6 @@ mfa_error_msg = _(
 )
 mfa_required_msg = _("MFA required")
 mfa_unset_msg = _("MFA not set, please set it first")
-otp_unset_msg = _("OTP not set, please set it first")
 login_confirm_required_msg = _("Login confirm required")
 login_confirm_wait_msg = _("Wait login confirm ticket for accept")
 login_confirm_error_msg = _("Login confirm ticket was {}")
@@ -162,13 +161,11 @@ class BlockMFAError(AuthFailedNeedLogMixin, AuthFailedError):
         super().__init__(username=username, request=request, ip=ip)
 
 
-class MFAUnsetError(AuthFailedNeedLogMixin, AuthFailedError):
+class MFAUnsetError(Exception):
     error = reason_mfa_unset
     msg = mfa_unset_msg
 
     def __init__(self, user, request, url):
-        super().__init__(username=user.username, request=request)
-        self.user = user
         self.url = url
 
 
@@ -354,21 +351,16 @@ class NotHaveUpDownLoadPerm(JMSException):
     default_detail = _('No upload or download permission')
 
 
-class OTPBindRequiredError(JMSException):
-    default_detail = otp_unset_msg
-
-    def __init__(self, url, *args, **kwargs):
-        super().__init__(*args, **kwargs)
-        self.url = url
-
-
 class MFACodeRequiredError(AuthFailedError):
+    error = 'mfa_code_required'
     msg = _("Please enter MFA code")
 
 
 class SMSCodeRequiredError(AuthFailedError):
+    error = 'sms_code_required'
     msg = _("Please enter SMS code")
 
 
 class UserPhoneNotSet(AuthFailedError):
+    error = 'phone_not_set'
     msg = _('Phone not set')

apps/authentication/mixins.py

@@ -248,16 +248,24 @@ class MFAMixin:
     get_user_from_session: Callable
     get_request_ip: Callable
 
+    def _check_if_no_active_mfa(self, user):
+        active_mfa_mapper = user.active_mfa_backends_mapper
+        if not active_mfa_mapper:
+            url = reverse('authentication:user-otp-enable-start')
+            raise errors.MFAUnsetError(user, self.request, url)
+
     def _check_login_page_mfa_if_need(self, user):
         if not settings.SECURITY_MFA_IN_LOGIN_PAGE:
             return
+        self._check_if_no_active_mfa(user)
 
         request = self.request
         data = request.data if hasattr(request, 'data') else request.POST
         code = data.get('code')
         mfa_type = data.get('mfa_type', 'otp')
+
         if not code:
-            raise errors.MFACodeRequiredError
+            return
         self._do_check_user_mfa(code, mfa_type, user=user)
 
     def check_user_mfa_if_need(self, user):
@@ -266,10 +274,9 @@ class MFAMixin:
         if not user.mfa_enabled:
             return
 
+        self._check_if_no_active_mfa(user)
+
         active_mfa_mapper = user.active_mfa_backends_mapper
-        if not active_mfa_mapper:
-            url = reverse('authentication:user-otp-enable-start')
-            raise errors.MFAUnsetError(user, self.request, url)
         raise errors.MFARequiredError(mfa_types=tuple(active_mfa_mapper.keys()))
 
     def mark_mfa_ok(self, mfa_type):

apps/authentication/views/login.py

@@ -122,10 +122,10 @@ class UserLoginView(mixins.AuthMixin, FormView):
             self.request.session.set_test_cookie()
             return self.render_to_response(context)
         except (
+                errors.MFAUnsetError,
                 errors.PasswordTooSimple,
                 errors.PasswordRequireResetError,
-                errors.PasswordNeedUpdate,
-                errors.OTPBindRequiredError
+                errors.PasswordNeedUpdate
         ) as e:
             return redirect(e.url)
         except (