屏蔽/admin/login登录入口

[nick2wang]

防止通过/admin/login登录绕过2FA验证

[codecov]

Codecov Report

Merging #1541 (97e6af4) into master (4d96ac6) will not change coverage.
The diff coverage is 100.00%.

@@           Coverage Diff           @@
##           master    #1541   +/-   ##
=======================================
  Coverage   76.84%   76.84%           
=======================================
  Files          91       91           
  Lines       14309    14309           
=======================================
  Hits        10996    10996           
  Misses       3313     3313           

Impacted Files	Coverage Δ
common/middleware/check_login_middleware.py	100.00% <100.00%> (ø)

---

Continue to review full report at Codecov.

Legend - Click here to learn more
Δ = absolute <relative> (impact), ø = not affected, ? = missing data
Powered by Codecov. Last update 4d96ac6...97e6af4. Read the comment docs.

[LeoQuote]

LGTM

[LeoQuote]

如果管理员因为忘记了 2fa 被关在外面, 有没有办法临时禁用 2fa ?

[nick2wang]

如果管理员因为忘记了 2fa 被关在外面, 有没有办法临时禁用 2fa ?

从2fa_config表删除对应用户的那条配置即可关闭该用户的2fa验证

[nick2wang]

管理员应该比普通用户更依赖2fa，毕竟权限太高了，除非额外增加一种验证方式来重置或关闭，不然系统内部不应该保留一个只需要验证密码的后门来应对无法获取2fa验证码这种情况，那样的话2fa就形同虚设了

[LeoQuote]

LGTM

[nick2wang]

更新了丢失2FA凭证无法登陆的处理方法：https://github.com/hhyo/Archery/wiki/FAQ