YunoHost-Apps / pleroma_ynh

Pleroma package for YunoHost: A free, federated social networking server built on open protocols.
https://pleroma.social/
GNU Affero General Public License v3.0

2FA can't be set up after changing Yunohost user password #262

Open cgKAF opened 5 months ago

cgKAF commented 5 months ago

Describe the bug

If an admin user of Pleroma changes their account password by changing their Yunohost password (e.g. via the web portal), two-factor authentication cannot be set up afterwards because the password they enter is always rejected, no matter what it is.

Context

In Pleroma-YNH, there are two kinds of password:

1) The password that is entered on the "install app" screen when installing Pleroma -- the one that famously cannot contain special characters. This is called the admin password and is also used to set up two-factor authentication... among other things, I guess.
2) The password that is used to sign in to a user's Pleroma account. For admin users, this is the same as their Yunohost username and password and it can only be changed via the Yunohost web portal or command line (not Pleroma FE or Admin FE).

If you change (2), then (1) becomes invalid, and no other password works.

My setup

Steps to reproduce

1) Test that you can set up 2FA beforehand (in Pleroma FE settings --> Security tab). Use the admin password you set up on installing Pleroma.
2) Turn 2FA back off.
3) Log in to the Yunohost web portal and change the password of the user who is the administrator for Pleroma.
4) Sign in to Pleroma using your new password, and try to set up 2FA.
5) Pleroma says the admin password is invalid. The new password you just chose is also invalid, as is the one you changed it from.

Expected behaviour

The admin password should work regardless of the password used to sign in to Pleroma.