flip_api.user_services.mfa_status
Attributes
Functions
|
Report whether the caller has an active TOTP authenticator and |
Module Contents
- flip_api.user_services.mfa_status.router
- flip_api.user_services.mfa_status.get_own_mfa_status(request: fastapi.Request, token_id: uuid.UUID = Depends(verify_token_no_mfa)) dict[str, bool]
Report whether the caller has an active TOTP authenticator and whether this environment requires one.
Exempt from the MFA gate so a freshly-invited or admin-reset user can discover their enrolment state and be routed to the setup page.
- Parameters:
request – FastAPI request object, used to resolve the Cognito user pool id.
token_id – ID of the authenticated user (from the bearer token).
- Returns:
{"enabled": <bool>, "required": <bool>}.enabledreflects whether the caller has a verified and active TOTP device;requiredmirrors Settings.ENFORCE_MFA so the UI can skip the enrolment redirect in dev without a second env var.- Return type:
dict[str, bool]
- Raises:
HTTPException – 404 if the token’s sub does not resolve to a
Cognito user, 500 on Cognito errors. –