Closed edegaudenzi closed 5 months ago
more likely for myself and of course I'll try to create a PR for this if you guys think it's ok.
2amigos/yii2-usuario version 1.6.1
In the SettingsController::actionTwoFactor()
code the user $id
must be equal to Yii::$app->user->id
. The $user
object is then found through $user = $this->userQuery->whereId($id)->one();
If the Yii::$app->user->identity->auth_tf_key
is null
in the database, then the service TwoFactorQrCodeUriGeneratorService::run() will populate it but - correctly - it does not refresh the Yii::$app->user->identity->auth_tf_key
instance itself, so at this point only the $user
object has auth_tf_key
populated.
This means that after the TwoFactorQrCodeUriGeneratorService::run()
has run, the database and the $user
object have the auth_tf_key
, while Yii::$app->user->identity
does not; which is correct, but this also means there is no way to then retrieve it in the two-factor.php
view.
In the SettingsController::actionTwoFactor()
, when calling the two-factor.php
view, also pass the $user
object as a parameter for the view, in this way it would be possible to have the auth_tf_key
field always populated.
Then an additional couple of html lines can be done to achieve what is represented in the gif.
Live long and prosper \\//_
What steps will reproduce the problem?
/user/settings/account -> Google Authenticator -> Enable two factor authentication
What is the expected result?
Popup showing qrCode and a clickable "Can't scan? Use the code instead." so to be able to set up a password manager (like 1Password) to generate 2fa codes for me. For password managers the 'qrCode Scan' is not always an option.
What do you get instead?
Popup only showing qrCode. In this way it is impossible/difficult to set up a password manager (like 1Password) to generate 2fa codes for me. For password managers the 'qrCode Scan' is not always an option.