google2fa::navigation is not in the package

LifeOnScreen / nova-google2fa

This package provides Google2FA support to Laravel Nova.

23 stars 56 forks source link

google2fa::navigation is not in the package #3

Closed ibrunotome closed 6 years ago

ibrunotome commented 6 years ago

The renderNavigation() returns the view google2fa::navigation, that is not present in the package.

And Im also receiving 419 session expired after each call to authenticate.
After normal login, the package create automatically a google2fa_secret and recovery codes, not showing the QR Code or asking if I wanna enable the 2fa. Is this correct?

janicerar commented 6 years ago

In our project. We needed 2FA for each user.

If will add optional behavior in next patch. This version only supports all users to have 2FA. In the next version, you will be also able to turn off 2FA in development.

For now, I will remove navigation.

On 1. step you get recovery codes.
On the 2. step, you get QR code and you need to enter 6 digit code with this you confirm user Authentication process.

I will make some screenshots to make this more clear.

janicerar commented 6 years ago

@ibrunotome Can you try v0.0.5 and check the problem is still present?

ibrunotome commented 6 years ago

Hi @janicerar, the line on user_2fa table is created, with my correct uuid on the user_id field, google2fa_enable === 0, google2fa_secret and recovery filled, but created_at and updated_at are not filled.

After save/print the recovery codes, all the actions give me a 419 session expired.

On the lifeonscreen2fa.php config I point the model to my Admin class and on the Admin class I modify the hasOne relationship to use your user_id foreign key

    /**
     * @return HasOne
     */
    public function user2fa(): HasOne
    {
        return $this->hasOne(User2fa::class, 'user_id', 'id');
    }

janicerar commented 6 years ago

@ibrunotome I fixed timestamp generation. But I cannot reproduce the error with session expired. When you hit continue you should be redirected to ../los/2fa/register can you hit this URL after printing codes?

ibrunotome commented 6 years ago

I can hit the url, but the view showed is 419. After that if I click on the "Go Home" of 419 I get stucked on the screen with the 6 digits, If I type then (any six digits or the right digits register manually the secret on the Authy app), I got the 419 again.

janicerar commented 6 years ago

It was probably returned by VerifyCsrfToken middleware. I added this codes. Can you check if it works normally?

ibrunotome commented 6 years ago

@janicerar now works perfectly. Thanks 👍