Closed apaarbajpai closed 7 years ago
Thank, we'll look into it!
Are there any updates on this issue? We are experiencing a similar issue with Magento Enterprise 1.14.2.0.
Specifically, We had a user that needed to reset his admin panel password. He clicked the link to get the password email, and then clicked "Reset Password". After doing so, the two-factor authentication error pops up (see 2FA.png). I also tried this, and I got the same results. This is strange because 1) my IP address is whitelisted in the Sentry system/config, and 2) my account is listed in Duo which usually prompts me with the 2FA Duo box and not just an error message
Please let me know if you need any more information. Thanks!
Hi Aric, Miguel, Just following up again--will there be any updates soon? This is causing some overhead here as we always have to have someone else reset the password instead of the user being able to use the Forgot your password link. Thanks
@cdietzols @apaarbajpai can you try adding the correct action here and report back?
@miguelbalparda I added 2 more actions involved with resetting the password:
protected $_allowedActions = array('login', 'forgotpassword', 'resetpassword', 'resetpasswordpost');
Two of my colleagues and I tested this change, and now we're able to reset our passwords without the duo error message. Thanks!
Sweet @cdietzols do you mind doing a pull request with this?
363eff2576676bf0c47c5bad063071c3e7e267bb
@miguelbalparda do you still need me to do the pull request, or is it taken care of with the commit you posted? Sorry if that's a silly question--I'm still learning about github pull requests.
I went ahead and did the PR. Thank you for the help!
In Magento Enterprise 1.14.2.4 when the user password expires and user tries to login magento admin , the redirection lands you in endless loop.
There is no way to reset the password as well as the reset password link takes the user back to to admin login screen with the message "Please enter security code".