Mobile app login does not work if TOTP is enabled - Githubissues

RocketChat / Rocket.Chat

The communications platform that puts data protection first.

https://rocket.chat/

Other

40.51k stars 10.55k forks source link

Mobile app login does not work if TOTP is enabled #33723

Open dazoot opened 2 weeks ago

dazoot commented 2 weeks ago

Description:

Logging in on the mobile app (iOS and Android) returns auth failure: Credential were rejected.... if i have TOTP enabled.

Steps to reproduce:

Try to login on the mobile app
Enter correct user / pass (works in browser)
Click Login

Expected behavior:

Login to work.

Actual behavior:

Login does not work.

I get an error logging IN.

Server Setup Information:

Version of Rocket.Chat Server: 6.13.0
License Type: Starter
Number of Users: 10
Operating System: Debian
Deployment Method: tar
Number of Running Instances: 1
DB Replicaset Oplog: (oplog Enabled)
NodeJS Version: v14.21.3
MongoDB Version: 4.4.29
Version of Rocket.Chat Server:
License Type:
Number of Users:
Operating System:
Deployment Method:
Number of Running Instances:
DB Replicaset Oplog:
NodeJS Version:
MongoDB Version:

Client Setup Information

iOS Application version 4.53.0.66078
Operating System: iOS

Additional context

Login on mobile works after i disable from the browser TOTP 2step authentification.

Gummikavalier commented 3 days ago

I cannot reproduce this error with Oauth provisioned RC 6.13.0 system. TOTP enabled.

With LDAP enabled RC I get that error immediately when I arrive on the login page, already before typing in the username and password. However when I bypass that error and type them in, I can get into RC as normal. Also TOTP query follows as it should.

Edit: iOS app version 4.54.0.67815 so there is a newer one in appstore released within couple of days.