I never see the 2-factor verification page

[petehjfd]

Hi

I'm not sure if I'm missing something, but no matter what I do, I never see the 2-factor verification page. I just get logged in straight to the dashboard.

• I have setup the config file as per the example.
• verifyBackEnd is true
• I have completed the setup process with Google Authenticator on the settings page.
• I see the green "Your account is secured" text on the settings page.

If I log out and log back in, I go straight to the dashboard. No 2-factor verification.

If I delete the user's record from the twofactorauthentication_user database table and try logging in again, I still go straight to the dashboard. No 2-factor authentication.

The user's record in the twofactorauthentication_user database table does not get recreated until I return to the plugin's settings page.

I have tried with both an admin account and a non-admin account.

I am testing locally at the moment, which I assume is OK? I can't think of anything else to try. Am I missing something?

Thanks!

Craft version: 3.6.11.2 (also tested with 3.6.6) Plugin version: 2.8.1

[petehjfd]

I've now also tried disabling dev mode, which didn't make any difference.

[roelvanhintum]

@petehjfd thanks! The verification is stored in the session. It looks like session is kept alive even after logout. I'll release a fix asap (today).

[petehjfd]

Thanks @roelvanhintum, that would be great!

[roelvanhintum]

@petehjfd before releasing, does the latest commit fix this for you? In composer this would be dev-craft-3.1 i think. I now store the login timestamp and compare this to the lastest login timestamp.

[petehjfd]

Yes, that seems to have done the trick!

[roelvanhintum]

Glad to hear! Thanks for testing! Released in 2.9.0