Why is it necessary to check session class for mfa and not elsewhere?

[sebbASF]

mfa_enabled() checks the session class:

infrastructure-asfquart/src/asfquart/auth.py

Line 25 in e302f3c

return isinstance(client_session, session.ClientSession) and client_session.mfa is True, cls.E_NO_MFA

but the other methods do not, e.g. for member():

infrastructure-asfquart/src/asfquart/auth.py

Line 36 in e302f3c

return client_session.isMember is True, cls.E_NOT_MEMBER