29 lines
966 B
Python
29 lines
966 B
Python
# Copyright (c) 2025, Project Management and contributors
|
|
# License: MIT
|
|
|
|
import frappe
|
|
from frappe import _
|
|
|
|
|
|
@frappe.whitelist()
|
|
def get_two_factor_status(user: str | None = None):
|
|
"""Return whether 2FA is enabled site-wide and required for the given user (OTP App flow)."""
|
|
target = user or frappe.session.user
|
|
if not target or target == "Guest":
|
|
frappe.throw(_("Not logged in"), frappe.AuthenticationError)
|
|
|
|
from frappe.twofactor import get_verification_method, two_factor_is_enabled_for_
|
|
|
|
enabled_globally = bool(int(frappe.db.get_single_value("System Settings", "enable_two_factor_auth") or 0))
|
|
method = get_verification_method() if enabled_globally else None
|
|
required_for_user = False
|
|
if enabled_globally and target != "Administrator":
|
|
required_for_user = bool(two_factor_is_enabled_for_(target))
|
|
|
|
return {
|
|
"enabled_globally": enabled_globally,
|
|
"required_for_user": required_for_user,
|
|
"method": method,
|
|
"otp_app": method == "OTP App",
|
|
}
|