HomeITAdmin / nextcloud_geoblocker

GNU Affero General Public License v3.0

WebAuthn / FIDO2 login seems to circumvent Geo IP check #113

Open j-lakeman opened 1 year ago

j-lakeman commented 1 year ago

In my NC instance I enabled the default Two-Factor TOTP Provider app (https://github.com/nextcloud/twofactor_totp#readme). When logging in using WebAuthn / FIDO2 using a YubiKey, for example, it seems the geo-blocking can be circumvented. I've tried it with a VPN provider, and the geo-blocking did work for the "normal" login but not for the WebAuthn one. I think this is unintended behaviour. However, thanks for your work! Appreciate it!

HomeITAdmin commented 1 year ago

Yes, it looks like when the user is using the login without a password, the preLogin hook is not called. From my point of view this is an error in the server: independent of the login method, the preLogin hook should be called. Will have to raise a bug ticket in the server; there is nothing that I can do in the app if the app is not called at all.

HomeITAdmin commented 1 year ago

https://github.com/nextcloud/server/issues/35878

j-lakeman commented 1 year ago

Cheers!

HomeITAdmin commented 1 year ago

Keep this open as a reminder