search

apache / cloudstack

Apache CloudStack is an opensource Infrastructure as a Service (IaaS) cloud computing platform
https://cloudstack.apache.org/
Apache License 2.0
1.99k stars 1.09k forks source link

2FA: don't redirect back to login screen after entering incorrect 2FA code #9508

Open hrak opened 1 month ago

hrak commented 1 month ago
ISSUE TYPE
COMPONENT NAME
UI
CLOUDSTACK VERSION
4.18
CONFIGURATION
OS / ENVIRONMENT

N/A

SUMMARY

After entry of an invalid 2FA code, the user gets redirected back to the login screen, instead of offering the user the possibility of entering a 2FA code again. There should be no need to go back to the login screen if the user already made it to the 2FA screen.

STEPS TO REPRODUCE
EXPECTED RESULTS

Go back to 2FA entry screen and let the user try again, or submit the 2fa code using AJAX and give instant feedback on the 2FA screen about the invalid code and stay on the 2FA code entry page.

ACTUAL RESULTS
boring-cyborg[bot] commented 1 month ago

Thanks for opening your first issue here! Be sure to follow the issue template!