AndrewPoppe / REDCap-PRO

REDCapPRO is an external module for REDCap that enables Patient Reported Outcomes in a manner that complies with regulatory stipulations.
GNU General Public License v3.0

Process Flow for MFA and Create account with Auto Enroll #102

Closed dheskettmgb closed 3 weeks ago

dheskettmgb commented 1 month ago

Describe the bug

Using REDCapPRO v2.4.0, and using MFA, with settings both in system config and in project (REDCap v14.0.16 and v14.0.31).

Adding a new participant with auto enroll.

Starting with the public survey link, and going through the Login and Create, filling out the steps,

At the page, Password Successfully Set, the user might be at a loss for the next step.

It is here where we seem to be off from the expected flow that, as we recall, had previously operated as we had expected.

We should be continuing to the survey page, via the MFA process.

We expect to get to 2-Step Login with the 6-digit security code page, and then to the survey page.

However, we are at the Password Successfully Set page and the user is not instructed what to do next.

Are we misunderstanding something, or have we forgotten how the process flow should go?

To Reproduce

Steps to reproduce the behavior:

  1. Setup: REDCapPRO v2.4.0 (S0.png) ( REDCap v14.0.16 and v14.0.31 ) and Using MFA, settings both in system config and in project (S1.png, S2.png, S3.png), checked.

  2. Adding a new participant with auto enroll.

Process:

  1. Starting with the public survey link, gets us to the Login ( 1.png ), and using Create one link,

  2. takes us to Create Account ( 2.png ), filling out ( 3.png ), giving Account Created ( 4.png ) and check your email.

  3. In the system, user is created, ( 5.png ), and

  4. checking email ( 6.png ), click the link to create password ( note using incognito to avoid the login logout of admin in browser ),

  5. click here ( using go to incognito page ), takes us to Create Password ( 7.png )

  6. hit Submit, takes us to Password Successfully Set ( 8.png ).

  7. At the page, Password Successfully Set ( 8.png ), the user might be at a loss for the next step.

  8. We should be continuing to the survey page, via the MFA process.

  9. We expect to get to 2-Step Login with the 6-digit security code page,

  10. Login ( 10.png ), fill in fields ( 11.png ), click Login,

  11. get to 2-Step Login ( 12.png ),

  12. check the email ( 13.png ) get the code,

  13. enter the code on 2-Step Login ( 12.png ),

  14. get logged in and MFA, to get to survey page ( 14.png ). ( which here is just a dummy public survey page )

NOTE: Either running on our DEV server or using a local host programmers dev server, running the above steps.

Expected behavior

Expecting:

  1. At the page, Password Successfully Set ( 8.png ), next

  2. We expect to get to 2-Step Login with the 6-digit security code page,

  3. enter the code on 2-Step Login ( 12.png ),

  4. get logged in and MFA, to get to survey page ( 14.png ). ( which here is just a dummy public survey page )

Screenshots

Please see screenshots.

Settings pngs: S0, S1, S2, S3.

Process pngs: 1,2,3,4,5,6,7,8,9,10,11,12,13,14


Desktop (please complete the following information):

Smartphone (please complete the following information): NA

Additional context

NOTE: Either running on our DEV server or using a local host programmers dev server, running the above steps.

AndrewPoppe commented 1 month ago

@dheskettmgb I think what you're seeing is the intended flow, with the rationale being that the user has already been required to check their email and click the magic link in order to set their password. So sending a second email for MFA seemed redundant. However, they would not have the opportunity to set up MFA with an authenticator app, so I tend to agree that the flow should be changed.

I will change it to require MFA after they set their password if they are creating a new account.

AndrewPoppe commented 1 month ago

Submitted v2.5.0 to REDCap Repo

AndrewPoppe commented 1 month ago

v2.5.0 was approved in REDCap Repo. @dheskettmgb when I hear confirmation that this meets your needs I will close this issue.

AndrewPoppe commented 3 weeks ago

Closing stale issue