feat: support forced binding MFA after login (#1845)

2025-07-02 03:00:18 +08:00 · 2023-05-17 01:13:13 +08:00
parent 0b5ecca5c8
commit 9092cad631
10 changed files with 293 additions and 40 deletions
--- a/controllers/auth.go
+++ b/controllers/auth.go
@ -312,6 +312,11 @@ func (c *ApiController) Login() {

 			resp = c.HandleLoggedIn(application, user, &authForm)

+			organization := object.GetOrganizationByUser(user)
+			if user != nil && organization.HasRequiredMfa() && !user.IsMfaEnabled() {
+				resp.Msg = object.RequiredMfa
+			}
+
 			record := object.NewRecord(c.Ctx)
 			record.Organization = application.Organization
 			record.User = user.Name