I am facing this strange issue, I have posted it here already but didn't get any response yet.
I am using django-two-factor-auth in my Django application, Everything works fine in the local environment but getting an issue on the production server.
My application is tenant-based and I am using subdomains for each tenant, for example on the production server,
My application => xyz.com
User with tenant name "a" after login gets redirected to => a.xyz.com
User with tenant name "b" after login gets redirected to => b.xyz.com
When redirected to a subdomain I am getting this issue that user.is_verified() always returns False even if 2fa is enabled for the user. I am using user.is_valrified() for showing enable/disable 2fa buttons.
If I remove the subdomain redirection, it works fine and returns True if 2fa is enabled for a user.
My Environments
Browser and version: Google Chrome Version 103.0.5060.114
Python version: 3.8.10
Django version: 2.2.0
django-otp version: 0.9.4
django-two-factor-auth version: 1.12.1
Note: I have debugged this enough that I know this is happening due to sub-domains