Need Sever-CLI tools can remove user 2FA.

[gai00]

Describe the problem to be solved

My peertube all account (root/user) 2FA broken today, I reset user password by sever-cli tools reset-password. But no help. (v5.1.0 & v5.2.0)

After login(username/password), input 2FA, Error Message: Invalid two factor header. (post request 400) I don't know why this problem occured, I did v3 -> v4 -> v5 migration, docker-compose version.

Describe the solution you would like

after reset password, removing 2fa.

[deadtom76]

Did you ever figure out a way around this? Been dealing with it for weeks. Can't log into my instance at all.

[gai00]

Did you ever figure out a way around this? Been dealing with it for weeks. Can't log into my instance at all.

My solution:

1. using Adminer (web gui) -> login peertube postgres db
2. Table: User, find admin/user account what you want to login
3. remove otpSecret field value
4. back to peertube site, try to login

it's working for me.

If you know how to update user data with psql command line, you no need Adminer. but I still need cli-tools include this feature, not every one know how to do that accessing db.

[gai00]

sorry for mistake touching close... (chromebook touch screen to comment...)

[deadtom76]

If you know how to update user data with psql command line, you no need Adminer. but I still need cli-tools include this feature, not every one know how to do that accessing db.

I was able to do it using Webmin. Worked perfectly. Many thanks.

[EricGuic]

Hi, having the same problem here on Peertube 5.2.1 : error message saying "Invalid two factor header".

How to fix this if I don't have direct access to the postgres db ?

Thanks

[tretkowski]

We ran into a similar issue after upgrading from 5.0.0 to 6.0.4. Disabling and re-enabling 2FA fixed it.

peertube_1   | [peertube.netzbegruenung.de:443] 2024-04-13 09:27:17.476 warn: Login error {
peertube_1   |   "err": {
peertube_1   |     "stack": "Error: error:1C800064:Provider routines::bad decrypt\n    at Decipheriv.final (node:internal/crypto/cipher:199:29)\n    at decrypt (file:///app/dist/core/helpers/peertube-crypto.js:60:82)\n    at async isOTPValid (file:///app/dist/core/helpers/otp.js:7:20)\n    at async handlePasswordGrant (file:///app/dist/core/lib/auth/oauth.js:118:13)\n    at async handleToken (file:///app/dist/core/controllers/api/users/token.js:32:23)",
peertube_1   |     "message": "error:1C800064:Provider routines::bad decrypt",
peertube_1   |     "library": "Provider routines",
peertube_1   |     "reason": "bad decrypt",
peertube_1   |     "code": "ERR_OSSL_BAD_DECRYPT"
peertube_1   |   }
peertube_1   | }
peertube_1   | [peertube.netzbegruenung.de:443] 2024-04-13 09:27:17.479 error: Error in controller. {
peertube_1   |   "err": "RangeError [ERR_HTTP_INVALID_STATUS_CODE]: Invalid status code: ERR_OSSL_BAD_DECRYPT\n    at new NodeError (node:internal/errors:405:5)\n    at ServerResponse.writeHead (node:_http_server:347:11)\n    at ServerResponse.writeHead (/app/node_modules/on-headers/index.js:44:26)\n    at ServerResponse._implicitHeader (node:_http_server:338:8)\n    at write_ (node:_http_outgoing:915:9)\n    at ServerResponse.end (node:_http_outgoing:1026:5)\n    at ServerResponse.send (/app/node_modules/express/lib/response.js:232:10)\n    at ServerResponse.json (/app/node_modules/express/lib/response.js:278:15)\n    at res.fail (file:///app/dist/core/middlewares/error.js:22:13)\n    at handleToken (file:///app/dist/core/controllers/api/users/token.js:49:20)"
peertube_1   | }
peertube_1   | [peertube.netzbegruenung.de:443] 2024-04-13 09:27:17.481 info: 172.18.0.0 - - [13/Apr/2024:09:27:17 +0000] "POST /api/v1/users/token HTTP/1.0" 500 315 "https://peertube.netzbegruenung.de/login" "Firefox"
peertube_1   | [peertube.netzbegruenung.de:443] 2024-04-13 09:27:17.525 error: Client log: Backend returned code 500, errorMessage is: Invalid status code: ERR_OSSL_BAD_DECRYPT {
peertube_1   |   "userAgent": "Mozilla/5.0 (X11; Linux x86_64; rv:124.0) Gecko/20100101 Firefox/124.0",
peertube_1   |   "url": "https://peertube.netzbegruenung.de/login"
peertube_1   | }
peertube_1   | [peertube.netzbegruenung.de:443] 2024-04-13 09:27:17.531 info: 172.18.0.0 - - [13/Apr/2024:09:27:17 +0000] "POST /api/v1/server/logs/client HTTP/1.0" 204 - "https://peertube.netzbegruenung.de/login" "Firefox"