jxxghp
diff --git a/‎app/api/apiv1.py‎
Lines changed: 2 additions & 1 deletion b/‎app/api/apiv1.py‎
Lines changed: 2 additions & 1 deletion
diff --git a/‎app/api/endpoints/login.py‎
Lines changed: 7 additions & 0 deletions b/‎app/api/endpoints/login.py‎
Lines changed: 7 additions & 0 deletions
@@ -2,11 +2,12 @@
 
 from app.api.endpoints import login, user, webhook, message, site, subscribe, \
     media, douban, search, plugin, tmdb, history, system, download, dashboard, \
-    transfer, mediaserver, bangumi, storage, discover, recommend, workflow, torrent, mcp
+    transfer, mediaserver, bangumi, storage, discover, recommend, workflow, torrent, mcp, mfa
 
 api_router = APIRouter()
 api_router.include_router(login.router, prefix="/login", tags=["login"])
 api_router.include_router(user.router, prefix="/user", tags=["user"])
+api_router.include_router(mfa.router, prefix="/mfa", tags=["mfa"])
 api_router.include_router(site.router, prefix="/site", tags=["site"])
 api_router.include_router(message.router, prefix="/message", tags=["message"])
 api_router.include_router(webhook.router, prefix="/webhook", tags=["webhook"])
 
@@ -29,6 +29,13 @@ def login_access_token(
                                                              mfa_code=otp_password)
 
     if not success:
+        # 如果是需要MFA验证，返回特殊标识
+        if user_or_message == "MFA_REQUIRED":
+            raise HTTPException(
+                status_code=401, 
+                detail="需要双重验证",
+                headers={"X-MFA-Required": "true"}
+            )
         raise HTTPException(status_code=401, detail=user_or_message)
 
     # 用户等级