Socialaccount + mfa: how to bypass the mfa code form?

On an older version of django-allauth (0.61.1) I used TOTP for the two-auth. Now I've updated to django-allauth[mfa]==65.3.0 and I have an issue when using the socialaccount auth.

Before, I used a custom AccountAdapter to check if the user is coming from Microsoft:

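from urllib.parse import urlencode

from allauth.account.adapter import DefaultAccountAdapter
from allauth.core.exceptions import ImmediateHttpResponse
from django.http import HttpResponseRedirect
from django.urls import reverse


class AccountAdapter(DefaultAccountAdapter):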
    def has_2fa_enabled(self, user):
        """Returns True if the user has 2FA configured."""
        return user.has_2fa_enabled if user.is_authenticated else False

    def login(self, request, user):
        # Require two-factor authentication if it has been configured.
        if (
            self.has_2fa_enabled(user)
            and not request.path == "/auth/microsoft/login/callback/"
        ):

            redirect_url = reverse("two-factor-authenticate")
            # Add GET parameters to the URL if they exist.
            if request.GET:
                redirect_url += "?" + urlencode(request.GET)

            raise ImmediateHttpResponse(response=HttpResponseRedirect(redirect_url))

        return super().login(request, user)

Now, with the new update, the 2FA code is asked AFTER the super().login. So my code is now useless.

How can I bypass the MFA code?

I've checked the documentation and I only see "is_mfa_enabled" in the DefaultMFAAdapter, but this is not nice as it will just say False on is_mfa_enabled but not only change whether the app asks for the code or not.

Is there any other way for that?
