feat: add support for per-account MFA validity period in org setting to reduce repeated prompts (#3917)

2025-07-22 17:03:49 +08:00 · 2025-07-11 00:24:33 +08:00
parent ef14c84edc
commit 2da597b26f
37 changed files with 201 additions and 66 deletions
--- a/controllers/mfa.go
+++ b/controllers/mfa.go
@ -58,6 +58,12 @@ func (c *ApiController) MfaSetupInitiate() {
 		return
 	}

+	organization, err := object.GetOrganizationByUser(user)
+	if err != nil {
+		c.ResponseError(err.Error())
+		return
+	}
+
 	mfaProps, err := MfaUtil.Initiate(user.GetId())
 	if err != nil {
 		c.ResponseError(err.Error())
@ -66,6 +72,7 @@ func (c *ApiController) MfaSetupInitiate() {

 	recoveryCode := uuid.NewString()
 	mfaProps.RecoveryCodes = []string{recoveryCode}
+	mfaProps.MfaRememberInHours = organization.MfaRememberInHours

 	resp := mfaProps
 	c.ResponseOk(resp)