added setting to anable MFA

2024-08-30 18:33:04 +00:00 · 2021-11-01 00:34:00 +01:00 · 2021-11-01 00:34:00 +01:00 · 9d68d6bdca
commit 9d68d6bdca
parent a8e18a7972
3 changed files with 9 additions and 1 deletions
--- a/InvenTree/InvenTree/middleware.py
+++ b/InvenTree/InvenTree/middleware.py
@ -11,6 +11,7 @@ from rest_framework.authtoken.models import Token
 from allauth_2fa.middleware import BaseRequire2FAMiddleware, AllauthTwoFactorMiddleware

 from InvenTree.urls import frontendpatterns
+from common.models import InvenTreeSetting


 logger = logging.getLogger("inventree")
@ -162,7 +163,7 @@ class Check2FAMiddleware(BaseRequire2FAMiddleware):
        # Superusers are require to have 2FA.
        try:
            if url_matcher.resolve(request.path[1:]):
-                return True
+                return InvenTreeSetting.get_setting('LOGIN_ENFORCE_MFA')
        except Resolver404:
            pass
        return False
--- a/InvenTree/common/models.py
+++ b/InvenTree/common/models.py
@ -853,6 +853,12 @@ class InvenTreeSetting(BaseInvenTreeSetting):
            'default': '',
            'choices': settings_group_options
        },
+        'LOGIN_ENFORCE_MFA': {
+            'name': _('Enforce MFA'),
+            'description': _('Users must use multifaktor security.'),
+            'default': False,
+            'validator': bool,
+        },
    }

    class Meta:
--- a/InvenTree/templates/InvenTree/settings/login.html
+++ b/InvenTree/templates/InvenTree/settings/login.html
@ -16,6 +16,7 @@
        {% include "InvenTree/settings/setting.html" with key="LOGIN_ENABLE_SSO" icon="fa-info-circle" %}
        {% include "InvenTree/settings/setting.html" with key="LOGIN_ENABLE_PWD_FORGOT" icon="fa-info-circle" %}
        {% include "InvenTree/settings/setting.html" with key="LOGIN_MAIL_REQUIRED" icon="fa-info-circle" %}
+        {% include "InvenTree/settings/setting.html" with key="LOGIN_ENFORCE_MFA" %}
        <tr>
            <td>{% trans 'Signup' %}</td>
            <td colspan='4'></td>