fix: Deactivate mfa for OIDC_ONLY setting, otherwise not working

mrmn2 · mrmn2 · commit bf42f5e7c4fa · 2026-03-13T16:51:18.000+01:00
Fixes #274
diff --git a/pdfding/core/settings/prod.py b/pdfding/core/settings/prod.py
@@ -145,6 +145,9 @@
         SOCIALACCOUNT_ONLY = True
         ACCOUNT_EMAIL_VERIFICATION = 'none'
 
+        # need to remove mfa as not compatible with this setting
+        INSTALLED_APPS.remove('allauth.mfa')  # noqa: F405
+
     OIDC_GROUPS_CLAIM = environ.get('OIDC_GROUPS_CLAIM', 'groups')
     OIDC_ADMIN_GROUP = environ.get('OIDC_ADMIN_GROUP', '')
     OIDC_EXTRA_SCOPE = environ.get('OIDC_EXTRA_SCOPE', '')
diff --git a/pdfding/e2e/test_users_e2e.py b/pdfding/e2e/test_users_e2e.py
@@ -191,6 +191,11 @@ def test_settings_edit_cancel_viewer_settings(self):
                 self.page.get_by_text("Cancel").click()
                 expect(self.page.locator(name)).to_contain_text('Edit')
 
+    def test_settings_mfa_edit_visible(self):
+        with sync_playwright() as p:
+            self.open(reverse('account_settings'), p)
+            expect(self.page.locator('#edit_mfa')).to_be_visible()
+
     def test_settings_mfa_activated(self):
         Authenticator.objects.create(user=self.user, type='totp', data={})
 
diff --git a/pdfding/users/models.py b/pdfding/users/models.py
@@ -191,9 +191,12 @@ def collections(self) -> QuerySet:
     def mfa_activated(self) -> bool:
         """Check if multi factor authentication is activated"""
 
-        if self.user.authenticator_set.count():
-            return True
-        else:
+        try:
+            if self.user.authenticator_set.count():
+                return True
+            else:
+                return False
+        except AttributeError:  # pragma: no cover
             return False
 
     @property
diff --git a/pdfding/users/templates/account_settings.html b/pdfding/users/templates/account_settings.html
@@ -71,9 +71,12 @@
                     {% endif %}
                 </div>
                 <div class="pr-0 md:pr-6">
-                    <a id="edit_mfa" href="{% url 'mfa_index' %}" class="cursor-pointer text-primary hover:text-secondary">
+                    {% url 'mfa_index' as mfa_index_url %}
+                    {% if mfa_index_url %}
+                    <a id="edit_mfa" href="{{ mfa_index_url }}" class="cursor-pointer text-primary hover:text-secondary">
                         Edit
                     </a>
+                    {% endif %}
                 </div>
             </div>
             {% endif %}
