diff --git a/apps/jumpserver/const.py b/apps/jumpserver/const.py
index 9a6ed9e6ada4d9461651cfd1083af39e305216c2..9dad76cd5ef7c8446c171272ef2cbc130db79407 100644
--- a/apps/jumpserver/const.py
+++ b/apps/jumpserver/const.py
@@ -1,12 +1,46 @@
 # -*- coding: utf-8 -*-
 #
 import os
+
+from werkzeug.local import LocalProxy
+
 from .conf import ConfigManager
+from common.local import thread_local
 
-__all__ = ['BASE_DIR', 'PROJECT_DIR', 'VERSION', 'CONFIG', 'DYNAMIC']
+__all__ = ['BASE_DIR', 'PROJECT_DIR', 'VERSION', 'CONFIG', 'DYNAMIC', 'LOCAL_DYNAMIC_SETTINGS']
 
 BASE_DIR = os.path.dirname(os.path.dirname(os.path.abspath(__file__)))
 PROJECT_DIR = os.path.dirname(BASE_DIR)
 VERSION = '2.0.0'
 CONFIG = ConfigManager.load_user_config()
 DYNAMIC = ConfigManager.get_dynamic_config(CONFIG)
+
+
+class _Settings:
+    pass
+
+
+def get_dynamic_cfg_from_thread_local():
+    KEY = 'dynamic_config'
+
+    try:
+        cfg = getattr(thread_local, KEY)
+    except AttributeError:
+        cfg = _Settings()
+        setattr(thread_local, KEY, cfg)
+
+    return cfg
+
+
+class DynamicDefaultLocalProxy(LocalProxy):
+    def __getattr__(self, item):
+        try:
+            value = super().__getattr__(item)
+        except AttributeError:
+            value = getattr(DYNAMIC, item)()
+            setattr(self, item, value)
+
+        return value
+
+
+LOCAL_DYNAMIC_SETTINGS = DynamicDefaultLocalProxy(get_dynamic_cfg_from_thread_local)
diff --git a/apps/users/models/user.py b/apps/users/models/user.py
index d0ab12c38fe9d28ba9862e357ca0ae173b171366..d30141d239c8a1ec686c6191fa86d3e416348fb1 100644
--- a/apps/users/models/user.py
+++ b/apps/users/models/user.py
@@ -16,6 +16,7 @@ from django.utils.translation import ugettext_lazy as _
 from django.utils import timezone
 from django.shortcuts import reverse
 
+from jumpserver.const import LOCAL_DYNAMIC_SETTINGS
 from orgs.utils import current_org
 from common.utils import signer, date_expired_default, get_logger, lazyproperty
 from common import fields
@@ -394,7 +395,7 @@ class MFAMixin:
 
     @property
     def mfa_force_enabled(self):
-        if settings.SECURITY_MFA_AUTH:
+        if LOCAL_DYNAMIC_SETTINGS.SECURITY_MFA_AUTH:
             return True
         return self.mfa_level == 2