search

nilsteampassnet / TeamPass

Collaborative Passwords Manager
https://www.teampass.net
1.67k stars 546 forks source link

Google 2-step Verification #3287

Open azizbaghirov opened 2 years ago

azizbaghirov commented 2 years ago

Hi, TeamPass crew! We have an issue. We want to activate Google 2-step Verification. Official documentation says:

Google Two-Factor Authentication enhances login security. When logging in, a QR code is displayed, which must be scanned into the user's Google Authentication app to receive a one-time password.

Can you please explain the full process? When does the user see QR code?

Steps to reproduce

  1. Enable Google 2-step Verification - Yes
  2. MFA is requested for users in Roles - All users

Expected behaviour

QR code should be generated

Actual behaviour

We dont see QR anywhere

Server configuration

Operating system: Ubuntu 20.04

Web server: Apache2

Database: mysql Ver 15.1

PHP version: PHP 7.4.3

Teampass version: 3.0.0.14

Teampass configuration file:d tp.config.php.txt

Updated from an older Teampass or fresh install: PLEASE attach to this issue the file /includes/config/tp.config.php.

Client configuration

Google Chrome 104

Operating system: Windows 11

nilsteampassnet commented 2 years ago

The QR code is required to enrole the Teampass account inside the Google Auth tool (or any other tool such as Authy) Once the user has the account added in the MFA tool, it is not more required.

azizbaghirov commented 2 years ago

Dear Nils! we have used MFA with google authenticator many times, but in this case, i wonder where the QR code is displayed to scan it.

nilsteampassnet commented 2 years ago

Once on the login page.

  1. Enter the credentials
  2. Click the envelop icon image
  3. The user will receive an email with a code
  4. Copy and paste the code inside the input box
  5. Click login button
  6. wait a couple of seconds, and you will see the QR code
  7. flash it
  8. use the new auth code from your MFA tool
l3v3lv2 commented 1 year ago

Hi!

I have enabled Google 2-step verification:

OTP is sent to user, code is accepted and then empty QR code image is shown.

No errors seen in backend (httpd and PHP logs). No errors in brower showed in developer tools view. QR code image link is showed as <div id="div-2fa-google-qr" class="row mt-2"><div class="col-12 alert alert-info"><p class="text-center"><img src="data:image/png;base64,"></p><p class="text-center"><i class="fas fa-mobile-alt fa-lg mr-1"></i>Flash with your mobile device</p></div></div>

Google 2FA - empty image

Does Google 2-step verification needs to connect some public servers to generate and show correct QR code image? My Teampass server is behind a proxy server.

hoanbc commented 1 year ago

Hello i have same issues, my server behind a proxy server and i did set config proxy network but no see any request from teampass connect to any domain. TeamPass: v3.0.0.21 image

ozturkinc commented 1 year ago

Hi Nil,

I just installed Teampass yesterday and everything seems to be working great but I am having the same problem as well in re QR code. I am also behind a proxy and the image is not being rendered once I put in the code I received from the email.

On a side note, I think it would make more sense to say "Scan with your mobile device" rather than "Flash with your mobile device". Just a suggestion.

Many thanks for this great piece of software. Really appreciate it.

Regards, Ali

Johnybe commented 1 year ago

Hello,

Same issue, the QRCODE picture is broken

RHEL7.9 PHP8.0 Teampass 3.0.8

Regards