remove ignoring MFA for munin
This commit is contained in:
parent
eeada2b9b5
commit
3ce59172cf
|
@ -34,7 +34,6 @@ Functionality changes and additions
|
|||
Removed older cryptos following internet.nl recommendations
|
||||
|
||||
Bug fixes
|
||||
* Munin routes are ignored for Multi Factor Authentication [see github issue](https://github.com/mail-in-a-box/mailinabox/issues/1865)
|
||||
* Munin error report fixed [see github issue](https://github.com/mail-in-a-box/mailinabox/issues/1555)
|
||||
* Correct nextcloud carddav url [see github issue](https://github.com/mail-in-a-box/mailinabox/issues/1918)
|
||||
|
||||
|
|
|
@ -109,15 +109,7 @@ def validate_auth_mfa(email, request, env):
|
|||
# If no MFA modes are added, return True.
|
||||
if len(mfa_state) == 0:
|
||||
return (True, [])
|
||||
|
||||
# munin routes are proxied by our control panel. We do not have
|
||||
# full control over their routes so credentials are supplied via
|
||||
# a basic HTTP authentication prompt.
|
||||
# There is neither a way to input a mfa credential there nor can we pass
|
||||
# the user_api_key from localStorage so mfa should be disabled for these routes.
|
||||
if request.full_path.startswith("/munin"):
|
||||
return (True, [])
|
||||
|
||||
|
||||
# Try the enabled MFA modes.
|
||||
hints = set()
|
||||
for mfa_mode in mfa_state:
|
||||
|
|
Loading…
Reference in New Issue