Closed Akhun-Delar closed 2 years ago
@luke- I could reproduce this only when I open the logout url in new tab/window, because in such case the url is requested with GET method, but on normal click we open the logout url as POST request, because the action has $this->forcePostRequest();
and for me the click on the logout link works well, i.e. I get log out as expected.
@Akhun-Delar Can you please provide more details?
Of course. I've set up a demo under twofabugtest.humhub.com - User is AkhunDelar, password is t5HXYh9x - the 2FA window is active then. I tested with Firefox and Chrome, latest stable version under Windows 11 and Debian 10.9 (fresh install in VirtualBox).
The test instance is the standard installation with all recommended modules + 2FA and imported sample data. 2FA module is configured to Auth app only. No other changes or settings.
Feel free to purge the instance after.
@luke- @yurabakhtin
@luke- @Akhun-Delar Yes, I can reproduce this on the twofabugtest.humhub.com side.
It doesn't work there correctly because the logout link has no attribute data-method="POST"
.
We already fixed this here https://github.com/humhub/twofa/pull/36/files#diff-6b50c5c79652c49abaff914c86163ba66bb7e98736f436d6d440a588b365ab6aR45 as it was requested here https://github.com/humhub/team_tasks/issues/138#issuecomment-905631296, i.e. the site twofabugtest.humhub.com has an old version of the module "2FA".
When being asked for 2FA while logging in, the logout button doesnt work. Instead, the page is being reloaded.