CLI command twofactorauth:enable does not enable two-factor authentication for a user.

owncloud / twofactor_totp

🔑 Second factor TOTP (Google Authenticator) provider for ownCloud

GNU Affero General Public License v3.0

9 stars 9 forks source link

CLI command twofactorauth:enable does not enable two-factor authentication for a user. #129

Closed davitol closed 5 years ago

davitol commented 5 years ago

Test steps

1- Via CLI run twofactorauth:enable user

Current behaviour

'user' is not asked for 2FA code to login. Also TOTP checkbox is not cheched in the webUI

Expected behavior

'user' has to use 2FA mandatory to login

Command description says

occ  twofactorauth:enable  Enable two-factor authentication for a user.

karakayasemi commented 5 years ago

@davitol The expected behaviour is wrong. We can close this ticket. Totp is not only twofactor-auth provider and twofactorauth:enable command belongs to core, not related to totp app. When it is enabled (default enabled for all users), user able to use twofactor-auth. But, an admin can disable twofactor-auth for an user with this command, for example when the user requested it on a locked-down situation.