born05 / craft-twofactorauthentication

Craft plugin for two-factor or two-step login using Time Based OTP.
MIT License

2FA Verification Issue #93

Closed mlewisem closed 4 months ago

mlewisem commented 5 months ago

Hello,

I've noticed a persistent issue with the 2fa screen in our application when entering the 2fa while trying to access the backend. When an incorrect verification code is entered, the application gets stuck in an unusual state. Here's what happens:

The button remains in a loading state indefinitely. Entering the correct code afterwards does nothing. Refreshing the page and entering the correct code again requires a second attempt for it to work. (sometimes it does not work at all) I've tested this scenario 6 times, and the same result occurred each time.

Application Details
Current Plugin Version: 3.3.7
Craft Version: 4.9.2
PHP Version: 8.2

roelvanhintum commented 5 months ago

@mlewisem, this can be caused by a lot of things. Can you check error logs?

paragonn commented 4 months ago

I am experiencing the same problem. It appears that the twofactorauthentication_usertoken table doesn't get created? Is there a way to create that table manually?

roelvanhintum commented 4 months ago

Hi @paragonn, did this happen on an existing install or a fresh install of the plugin?

In case of an existing install, it should be installed by m240208_094536_create_usertoken_table.php You can trigger this again by removing a line from the migrations table.

paragonn commented 4 months ago

Hi @roelvanhintum -- Thanks for your response. Yes, there was a previous install that I had uninstalled. I removed the recommended line from the migrations table, uninstalled the plugin and reinstalled it. Unfortunately, the problem is still happening where the twofactorauthentication_usertoken table does not get created.

paragonn commented 4 months ago

Hi @roelvanhintum -- Good news. I was able to get it working by completely removing the plugin via composer and then using composer require to install it again.

benjaminkohl commented 4 months ago

I am experiencing the same symptoms described in this issue except I know the craft_twofactorauthentication_usertoken table exists and I can see the codes being created in it. Depending on which version of the form I am using, the button either gets stuck on the "Loading" state or the form shakes like I entered an invalid code. I found some corresponding web log items and have removed my client's name/domain from the text. I am not sure why there would be a 400 status. Any ideas?

Craft Version: 4.5.9 Plugin Version: 3.3.7

{
  "trace": [
    "#0 /home/BOOP/webapps/BOOP-prod/vendor/craftcms/cms/src/web/Controller.php(171): yii\\web\\Controller->beforeAction()",
    "#1 /home/BOOP/webapps/BOOP-prod/vendor/yiisoft/yii2/base/Controller.php(176): craft\\web\\Controller->beforeAction()",
    "#2 /home/BOOP/webapps/BOOP-prod/vendor/yiisoft/yii2/base/Module.php(552): yii\\base\\Controller->runAction()",
    "#3 /home/BOOP/webapps/BOOP-prod/vendor/craftcms/cms/src/web/Application.php(305): yii\\base\\Module->runAction()",
    "#4 /home/BOOP/webapps/BOOP-prod/vendor/craftcms/cms/src/web/Application.php(608): craft\\web\\Application->runAction()",
    "#5 /home/BOOP/webapps/BOOP-prod/vendor/craftcms/cms/src/web/Application.php(284): craft\\web\\Application->_processActionRequest()",
    "#6 /home/BOOP/webapps/BOOP-prod/vendor/yiisoft/yii2/base/Application.php(384): craft\\web\\Application->handleRequest()",
    "#7 /home/BOOP/webapps/BOOP-prod/public/index.php(24): yii\\base\\Application->run()",
    "#8 {main}"
  ],
  "memory": 3399760,
  "exception": "[object] (yii\\web\\BadRequestHttpException(code: 0): Unable to verify your data submission. at /home/BOOP/webapps/BOOP-prod/vendor/yiisoft/yii2/web/Controller.php:220)"
}

Request Data (removed IPs and client name/domains)

{
  "sessionId": "9dgibe2qquanrjq66p1mn9q2r8",
  "body": "{\"authenticationCode\":\"751970\"}",
  "vars": {
    "_GET": {
      "p": "admin/actions/two-factor-authentication/verify/login-process",
      "v": "1719320857328"
    },
    "_FILES": [],
    "_COOKIE": {
      "_ga_4Y9ZC7MNF0": "GS1.1.1715882480.25.0.1715882519.21.0.0",
      "_ga": "GA1.2.451383581.1715882520",
      "OptanonAlertBoxClosed": "2024-05-16T18:02:09.206Z",
      "1031b8c41dfff97a311a7ac99863bdc5_username": "c489bf88a9e60bb8d570026ecf52d0f24601b34bb0257644f781f13f8a7192aaa:2:{i:0;s:41:\"1031b8c41dfff97a311a7ac99863bdc5_username\";i:1;s:12:\"benjaminkohl\";}",
      "OptanonConsent": "isGpcEnabled=0&datestamp=Thu+Jun+20+2024+09:41:26+GMT-0400+(Eastern+Daylight+Time)&version=202403.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=3abb531e-0a55-4fe7-a80e-fe2660cad15b&interactionCount=1&isAnonUser=1&landingPath=NotLandingPage&groups=C0005:0,C0002:0,C0004:0,C0001:1&intType=6&geolocation=US;MI&AwaitingReconsent=false",
      "BOOPSession": "9dgibe2qquanrjq66p1mn9q2r8",
      "CRAFT_CSRF_TOKEN": "••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••"
    },
    "_SESSION": {
      "bd62416aa8538ede709019a5e113eea5__flash": [],
      "1031b8c41dfff97a311a7ac99863bdc5__returnUrl": "https://www.BOOP.com/admin"
    },
    "_SERVER": {
      "USER": "BOOP",
      "HOME": "/home/BOOP",
      "SCRIPT_NAME": "/index.php",
      "REQUEST_URI": "/index.php?p=admin%2Factions%2Ftwo-factor-authentication%2Fverify%2Flogin-process&v=1719320857328",
      "QUERY_STRING": "p=admin%2Factions%2Ftwo-factor-authentication%2Fverify%2Flogin-process&v=1719320857328",
      "REQUEST_METHOD": "POST",
      "SERVER_PROTOCOL": "HTTP/1.0",
      "GATEWAY_INTERFACE": "CGI/1.1",
      "REMOTE_PORT": "51616",
      "SCRIPT_FILENAME": "/home/BOOP/webapps/BOOP-prod/public/index.php",
      "SERVER_ADMIN": "you@example.com",
      "CONTEXT_DOCUMENT_ROOT": "/home/BOOP/webapps/BOOP-prod/public/",
      "CONTEXT_PREFIX": "",
      "REQUEST_SCHEME": "http",
      "DOCUMENT_ROOT": "/home/BOOP/webapps/BOOP-prod/public/",
      "REMOTE_ADDR": "BOOP",
      "SERVER_PORT": "80",
      "SERVER_ADDR": "127.0.0.1",
      "SERVER_NAME": "www.BOOP.com",
      "SERVER_SOFTWARE": "Apache/2.4.59 (Unix) OpenSSL/3.0.2",
      "SERVER_SIGNATURE": "",
      "LD_LIBRARY_PATH": "/RunCloud/Packages/apache2-rc/lib",
      "PATH": "/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/bin",
      "HTTP_COOKIE": "_ga_4Y9ZC7MNF0=GS1.1.1715882480.25.0.1715882519.21.0.0; _ga=GA1.2.451383581.1715882520; OptanonAlertBoxClosed=2024-05-16T18:02:09.206Z; 1031b8c41dfff97a311a7ac99863bdc5_username=c489bf88a9e60bb8d570026ecf52d0f24601b34bb0257644f781f13f8a7192aaa%3A2%3A%7Bi%3A0%3Bs%3A41%3A%221031b8c41dfff97a311a7ac99863bdc5_username%22%3Bi%3A1%3Bs%3A12%3A%22benjaminkohl%22%3B%7D; OptanonConsent=isGpcEnabled=0&datestamp=Thu+Jun+20+2024+09%3A41%3A26+GMT-0400+(Eastern+Daylight+Time)&version=202403.2.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=3abb531e-0a55-4fe7-a80e-fe2660cad15b&interactionCount=1&isAnonUser=1&landingPath=NotLandingPage&groups=C0005%3A0%2CC0002%3A0%2CC0004%3A0%2CC0001%3A1&intType=6&geolocation=US%3BMI&AwaitingReconsent=false; BOOPSession=9dgibe2qquanrjq66p1mn9q2r8; CRAFT_CSRF_TOKEN=f6ba43a1c4f0adef15686f5eafc918a4cee82c65faa4645de8dc422e40ca8f2ca%3A2%3A%7Bi%3A0%3Bs%3A16%3A%22CRAFT_CSRF_TOKEN%22%3Bi%3A1%3Bs%3A40%3A%22Cfh_nfZ6069Ggfa1bZtaJ3mSnv1dbroR3-4RA4AW%22%3B%7D",
      "HTTP_PRIORITY": "u=1, i",
      "HTTP_ACCEPT_LANGUAGE": "en-US,en;q=0.9,ms;q=0.8,la;q=0.7,fr;q=0.6",
      "HTTP_ACCEPT_ENCODING": "gzip, deflate, br, zstd",
      "HTTP_REFERER": "https://www.BOOP.com/index.php?p=admin/actions/two-factor-authentication/verify/login",
      "HTTP_SEC_FETCH_DEST": "empty",
      "HTTP_SEC_FETCH_MODE": "cors",
      "HTTP_SEC_FETCH_SITE": "same-origin",
      "HTTP_ORIGIN": "https://www.BOOP.com",
      "HTTP_SEC_CH_UA_PLATFORM": "\"macOS\"",
      "HTTP_X_REQUESTED_WITH": "XMLHttpRequest",
      "HTTP_ACCEPT": "application/json, text/plain, */*",
      "HTTP_X_REGISTERED_JS_FILES": "",
      "CONTENT_TYPE": "application/json",
      "HTTP_USER_AGENT": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36",
      "HTTP_X_REGISTERED_ASSET_BUNDLES": "52bc6b65,22e517a2,aee7f8dc,e505ffd6,6b4d7555,e5e48399,bb2f10a0,815d39ea,fc0bc163,1ccab40d,1e21896b,54698ee0,b842675b,1c3c9add,4b1fd285,d8d08e47,8f00ce04,8768f48b,cf3018d6",
      "HTTP_SEC_CH_UA_MOBILE": "?0",
      "HTTP_X_CSRF_TOKEN": "••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••••",
      "HTTP_DNT": "1",
      "HTTP_SEC_CH_UA": "\"Not/A)Brand\";v=\"8\", \"Chromium\";v=\"126\", \"Google Chrome\";v=\"126\"",
      "CONTENT_LENGTH": "31",
      "HTTP_CONNECTION": "close",
      "HTTP_X_FORWARDED_PROTO": "https",
      "HTTP_X_FORWARDED_FOR": "BOOP",
      "HTTP_X_SERVER_ADDR": "BOOP",
      "HTTP_HOST": "www.BOOP.com",
      "HTTPS": "on",
      "FCGI_ROLE": "RESPONDER",
      "PHP_SELF": "/index.php",
      "REQUEST_TIME_FLOAT": 1719320857.455863,
      "REQUEST_TIME": 1719320857
    }
  }
}

roelvanhintum commented 4 months ago

@benjaminkohl, that looks like an issue with sessions. There are multiple existing issues involving sessions.

This is usually caused by either cookie settings, session settings (like userSessionDuration or session.cookie_lifetime) or the session store like in https://github.com/born05/craft-twofactorauthentication/issues/64 There are just too many options to figure this out without debugging on your environment.

Probably the same as https://github.com/born05/craft-twofactorauthentication/issues/83 and https://github.com/born05/craft-twofactorauthentication/issues/76

Can also be caused by the debug-toolbar.
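Editor's note on the log posted above: "Unable to verify your data submission." is the message yii\web\Controller::beforeAction() throws (as BadRequestHttpException, hence the 400) when yii\web\Request::validateCsrfToken() returns false. The request therefore never reached the plugin's TOTP check; the CSRF token the browser sent in X-CSRF-Token did not match the token the server holds in the CRAFT_CSRF_TOKEN cookie/session, which is why session and cookie settings are the first things to look at. The following is an added illustration written for this page, not code from the plugin, Craft or Yii: it mirrors Yii's mask/unmask scheme with stand-alone functions (generateToken, maskToken, unmaskToken, validateCsrfToken, simulateVerifyPost are all names chosen here) and simulates the two requests of the 2FA step, once with the session surviving and once with it lost between rendering the form and the POST.

```php
<?php
// Added example for this issue thread (editor's illustration; not the plugin's,
// Craft's or Yii's own code). Function names and the scenario are assumptions.
declare(strict_types=1);

function base64UrlEncode(string $raw): string
{
    return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
}

function base64UrlDecode(string $encoded): string
{
    $decoded = base64_decode(strtr($encoded, '-_', '+/'));
    return $decoded === false ? '' : $decoded;
}

// Server-side CSRF token, created on the first response and stored in the
// CSRF cookie (or the PHP session, depending on configuration).
function generateToken(int $bytes = 32): string
{
    return base64UrlEncode(random_bytes($bytes));
}

// Same idea as yii\base\Security::maskToken(): a random mask of the token's
// length, followed by (mask XOR token), so every page load ships a different
// looking value for the same underlying token.
function maskToken(string $token): string
{
    $mask = random_bytes(strlen($token));
    return base64UrlEncode($mask . ($mask ^ $token));
}

function unmaskToken(string $masked): string
{
    $decoded = base64UrlDecode($masked);
    if ($decoded === '' || strlen($decoded) % 2 !== 0) {
        return '';
    }
    $half = intdiv(strlen($decoded), 2);
    return substr($decoded, 0, $half) ^ substr($decoded, $half);
}

// What the framework decides in beforeAction(): the masked token the browser
// sent (X-CSRF-Token header here) must unmask to the token the server holds.
// Constant-time comparison so the check does not leak bytes via timing.
function validateCsrfToken(?string $clientSupplied, ?string $storedToken): bool
{
    if ($clientSupplied === null || $storedToken === null || $storedToken === '') {
        return false; // nothing on the server side to verify against
    }
    return hash_equals($storedToken, unmaskToken($clientSupplied));
}

/**
 * Simulates the two requests of the 2FA step.
 * $sessionSurvives = false models the failure mode from this thread: the cookie
 * or session holding the server token is dropped (expired, rejected cookie,
 * session store reset) between the GET that rendered the form and the POST, so
 * the server mints a fresh token and the POSTed one no longer matches.
 */
function simulateVerifyPost(bool $sessionSurvives): array
{
    // Request 1: 2FA form rendered; token created and placed in the CSRF cookie.
    $serverToken = generateToken();
    $headerToken = maskToken($serverToken); // what the front-end JS sends back

    // Request 2: POST .../two-factor-authentication/verify/login-process
    $storedToken = $sessionSurvives ? $serverToken : generateToken();
    $ok = validateCsrfToken($headerToken, $storedToken);

    return [
        'status'  => $ok ? 200 : 400,
        'message' => $ok
            ? 'CSRF ok; the TOTP code would be checked next'
            : 'Unable to verify your data submission.',
    ];
}

if (PHP_SAPI === 'cli') {
    foreach ([true, false] as $survives) {
        $r = simulateVerifyPost($survives);
        printf("session survives=%s -> HTTP %d: %s\n",
            var_export($survives, true), $r['status'], $r['message']);
    }
}
```

Run it with `php csrf-demo.php`: the first line reports 200, the second the same 400 and message as the log above. The takeaway for anyone debugging this symptom is that the 2FA code in the request body is irrelevant at the point the 400 is produced; what has to be confirmed is that the CRAFT_CSRF_TOKEN cookie (or the session it is tied to) sent with the POST is the same one that was set when the form was rendered.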

benjaminkohl commented 4 months ago

@roelvanhintum Okay, thank you. I'll try clearing any open sessions I have and I will disable the debug toolbar for myself. That could explain why it seems like I might be the only person affected as I haven't heard any complaints from the actual client users.