$qrCodeType is undefined

[hikatja]

Hi there,

When setting up 2FA on one environment, then git pulling that user into another environment, the following error is encountered:

$qrCodeType is undefined 

Source: https://github.com/kind-work/two-fa/blob/db92721926ac756c8d27d0d80748992e2b9c8240/resources/views/setup.blade.php#L20

If 2FA is set up locally and then pushed to another environment (staging server for example), it's then complained that $secretKey is undefined.

Does 2FA support users in version control (i.e. setting up 2FA on one environment allows for 2FA on all environments for that user), or would the recommendation be to set up 2FA on a given environment, then exclude that user from git or similar?

Thanks!

[jcohlmeyer]

Yes, you can set up 2FA in one environment and it will be pushed to other environments assuming you have your users in version control.

The error you are showing makes it seem like the addon is not installed In your production environment.

Statamic 3 does not include the vendor's folder in version control by default, so any changes made by installing addons are just made to the composer file.

This means that after you get your changes on another environment you will have to run something like composer install --no-interaction--prefer-dist--optimize-autoloader to get any changes to your vendor's folder to be updated in production.

Source: https://statamic.dev/deploying#configuring-deployment

[hikatja]

@jcohlmeyer Thanks for the reply. Yes, my deploy script runs exactly that. :) The add-on is installed locally and on production, and if I disable and set up 2FA on either environment, everything works as I'd expect. If I set up 2FA locally and push from local to prod (via Forge) I encounter the $secretKey error when attempting to access my /cp. If I set up 2FA on prod and pull locally, I encounter the $qrCodeType type error.

I must be doing something dumb, but anything else it could be, assuming the add-on is installed in both places?

[jcohlmeyer]

Oh, okay, I just saw the issue about $qrCodeType error. I think when you installed on prod and pull from prod to local maybe you forgot to run composer install?

When you install local and push to prod and get $secretKey is undefined, it seems like there is a caching issue, I will look more into that, however just to check, did you try cleaning out your caches on prod?

[hikatja]

I had thought that with composer install but no luck, andfor cache clearing I've run both php please stache:refresh and php artisan cache:clear. But, let me go through the setup process again and I'll report back.

[hikatja]

Alright, here's the process I went through, installing + setting up 2FA locally and pushing to prod:

Remove 2FA

composer remove kind-work/two-fa
composer update
Remove 2FA fieldtype from `users` blueprint
Remove 2FA entries from specific user yml
git add -A
git commit -m "Remove 2fa"
git push

(Manually deploy Forge) On local and prod remove FORCE_2FA=true from .env

Install 2FA locally

php please cache:clear
php artisan cache:clear
composer require kind-work/two-fa

Add the two_fa fieldtype to the users yml

- handle: two_fa
  field:
    type: two_fa
    localizable: false
    display: 'Two Factor'

Navigate to http://$localdomain.test/cp/users/$userHash/edit Click 'Protect My Account with 2FA' Scan QR code Sign out then back in to ensure everything is working locally Everything is working locally

Push to production

git add -A
git commit -m "enable 2FA"
git push

(Manually deploy forge)

Forge deploy script:

cd /home/$user/$site
git pull origin $FORGE_SITE_BRANCH
$FORGE_COMPOSER install --no-interaction --prefer-dist --optimize-autoloader

( flock -w 10 9 || exit 1
    echo 'Restarting FPM...'; sudo -S service $FORGE_PHP_FPM reload ) 9>/tmp/fpmlock

php artisan cache:clear
php please stache:refresh

Encounter PHP fatal at https://$domain/cp/two-fa:

[previous exception] [object] (ErrorException(code: 0): Undefined variable $secretKey at /home/$user/$site/storage/framework/views/6730ad93c5c5689d6605ed6cf0cbcaf8484d37c1.php:14)

• composer install a second time has no effect
• Running various cache clear has no effect:

php artisan cache:clear
php artisan config:cache
php artisan route:cache
php artisan statamic:stache:warm 
php please search:update --all
php artisan statamic:assets:generate-presets

Is there a file that isn't making it from local to prod that should be? Here's my .gitignore

/node_modules
/public/hot
/public/storage
/public/vendor/statamic
/storage/*.key
/vendor
.env
.env.backup
.phpunit.result.cache
.php_cs.cache
Homestead.json
Homestead.yaml
npm-debug.log
yarn-error.log
.DS_Store

[jcohlmeyer]

Can you check to see if pragmarx/google2fa-qrcode is installed on prod/staging?

[hikatja]

Can you check to see if pragmarx/google2fa-qrcode is installed on prod/staging?

Yes, version 2.0.1:

cat $site/vendor/pragmarx/google2fa-qrcode/CHANGELOG.md
## Change Log

## [2.0.1] - 2020-10-17
### Removed
- Support for Bacon QRCode 1.x

[jcohlmeyer]

🤔 I will have to try a few more things to try to reproduce the issue. Right now I am not sure what the issue is.

[hikatja]

Thanks, I'm confused myself. I set up a new Statamic site, no starter kit, and I've just hit this. So, I don't know. If your testing goes well I must be overlooking something obvious.

[2022-02-21 17:43:48] production.ERROR: The MAC is invalid.  
[2022-02-21 17:43:48] production.ERROR: Undefined variable $secretKey (View: /home/test/$site.com/vendor/kind-work/two-fa/resources/views/setup.blade.php) {"view":{"view":"/home/test/$site.com/vendor/kind-work/two-fa/src/../resources/views/setup.blade.php","data":{"errors":"<pre class=sf-dump id=sf-dump-904543816 data-indent-pad=\"  \"><span class=sf-dump-note>Illuminate\\Support\\ViewErrorBag</span> {<a class=sf-dump-ref>#2044</a><samp data-depth=1 class=sf-dump-expanded>
  #<span class=sf-dump-protected title=\"Protected property\">bags</span>: []
</samp>}
</pre><script>Sfdump(\"sf-dump-904543816\", {\"maxDepth\":3,\"maxStringLength\":160})</script>
","error":"<pre class=sf-dump id=sf-dump-678690835 data-indent-pad=\"  \">\"<span class=sf-dump-str title=\"83 characters\">2FA is not properly setup. Please set it up or contact your administrator for help.</span>\"
</pre><script>Sfdump(\"sf-dump-678690835\", {\"maxDepth\":3,\"maxStringLength\":160})</script>
"}},"userId":"3a87a62d-5204-4eac-abb7-0861eea4ef45","exception":"[object] (Facade\\Ignition\\Exceptions\\ViewException(code: 0): Undefined variable $secretKey (View: /home/test/$site.com/vendor/kind-work/two-fa/resources/views/setup.blade.php) at /home/test/$site.com/vendor/kind-work/two-fa/src/../resources/views/setup.blade.php:13)
[stacktrace]

[jcohlmeyer]

The first line of that error points to the APP_KEY being different in your different environments causing the issue.

https://laracasts.com/discuss/channels/laravel/the-mac-is-invalid

[hikatja]

Ah and there we are, the something obvious. Yep, once bringing the APP_KEY into alignment 2FA is working across environments. Thanks for putting up with me!

[jcohlmeyer]

No problem, glad to hear it is working for you now. Let me know if you need anything else.