Courtesy login is confusing with extra popup

minagerges / MODX-GoogleAuthenticatorX

Add 2-factor authentication to MODX manager login.

GNU General Public License v3.0

13 stars 12 forks source link

Courtesy login is confusing with extra popup #21

Closed Lefthandmedia closed 5 years ago

Lefthandmedia commented 5 years ago

Hi,

The 1-time courtesy login is a bit confusing because of the extra popup stating my session expired and i need to login, again. Google ChromeScreenSnapz007 My guess is this happens because upon giving the QRcode the user is immediatly logged out. Imho that is not necessary.

minagerges commented 5 years ago

Please check the wiki After installing section, point 7.

If you have courtesy login enabled (Best way to provide the secret) if you refresh the page you will be provided with the same QR-code and will be logged out instantly, if you did not perform steps 1 to 5 earlier, you will have only 60 seconds to scan that qr-code

This occurs because the page attempts a communication, after the user has been logged out.

Lefthandmedia commented 5 years ago

yes but my point is ;why do you log the user out? isn't it better to log the user out AFTER he has seen the QR code and has a change to scan it with his phone/app?

minagerges commented 5 years ago

This is by design, will not change.