bubka / 2fauth
A Web app to manage your Two-Factor Authentication (2FA) accounts and generate their security codes
Home Page: https://docs.2fauth.app/
License: GNU Affero General Public License v3.0
Describe the bug
When trying to open the service a 500 | Server error appears.
Hosted via Docker. Using mostly defaults from the GitHub repo. Logs don't show any errors. Even when set to debug. Why?
To Reproduce
Steps to reproduce the behavior:
Start newest Docker image from 2fauth/2fauth with the given docker-compose.yml in the Github repo.
Desktop (please complete the following information):
Additional context
Docker logs via
docker logs 2fa -f
supervisord version: v0.6.8
PHP 7.4.26 (fpm-fcgi) (built: Nov 18 2021 21:39:13)
nginx version: nginx/1.20.2
The [/srv/public/storage] link has been connected to [/srv/storage/app/public].
The links have been created.
Configuration cache cleared!
Configuration cached successfully!
time="2022-04-25T08:31:38Z" level=info msg="load configuration from file" file=/etc/supervisor/supervisord.conf
Is your feature request related to a problem? Please describe.
There is no possibility to create new accounts
Describe the solution you'd like
It would be nice if the admin could create or invite new members so they can use the same service
Describe alternatives you've considered
Run multiple 2FAuth docker
Describe the solution you'd like
I think this has huge potential, the interface is clean / nice and I love that it only seeks to solve 2FA. The downfall for me is that it's slower than using an auth app and (as the project is so early on) there's little integration. This is more of a suggestion for a potential long-term roadmap:
It would be amazing if this project were to provide TOTP via browser plugins in particular, like BitWarden does, where I can specify applicable URLs and there's a notification on the extension icon that alerts the user that there's a TOTP associated with that URL.
Combine this with a copy to clipboard button, and you have the perfect isolated, but easily accessible TOTP client for my money.
Describe alternatives you've considered
There are no real alternatives.
Additional context
Best practice is to keep TOTP and passwords entirely separate and on different storage locations. Not a single password manager provides this as a service that I can find, and I cannot find a single 2FA specific service that has broad integration with browsers and the usage style I mention above.
Hi Bubka!
I am really struggling with your software. Sorry
On a RPI 4 with Debian 10 64bit I am trying to install 2FAuth
Latest master and the 2.10 release. Both act the same
I believe I did everything correct, but all I get is
A black screen with a 404 and underneath “Resource not found”
I used the google Chrome dev tools and figured out that I can’t reach
http://192.168.0.xxx/api/checkuser
Not Found
The requested URL was not found on this server.
Can you help me with this issue please?
Is it file server permissions or database or???
Many thanks in advance
URBANsUNITED
Hi, would it be possible to disable registration for new users? I only want to use this for myself.
Is your feature request related to a problem? Please describe.
I don't like setting up projects when I'm not certain that this is exactly what I'm looking for. Creating a docker-compose.yml description of the services needed will make deploying this app much faster.
Describe the solution you'd like
I would like to have a docker-compose.yml file for easily deploying a fully working instance of this app including its database and php backend for very quick and easy deployment.
Describe alternatives you've considered
I'm not sure if there are any useful alternatives to docker deployment.
Additional context
No additional context.
Is your feature request related to a problem? Please describe.
I'd like to disable the option to create a new account.
Describe the solution you'd like
An option to disable this feature. In the web interface or in the configuration file.
Describe alternatives you've considered
To set a password for the website.
Keep up the good work! :)
Describe the bug
If the email address at login is not written in the exact same way as during sign-up then the login fails. Capitalization should not matter here.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Capitalization should not render the email invalid.
Desktop (please complete the following information):
Current container on dockerhub is x86-64.
For build to run on raspberry pi there needs to be a working build for armv7/armv8 pushed to dockerhub.
Describe the bug
I really like the idea of encrypting the database with my data. However, I came across two problems using it:
If I enable the encryption and try to add a new account by scanning the QR code it seems to work at first. I can see the account and the current code. However, when I click on 'Save' it fails with
"An error occured:
Server Error
Refresh"
When I disable encryption everything works just fine. I noticed that with encryption enabled only the issuer is shown but not the label of the account (both are shown when I disable encryption). I guess for some reason it takes that as an empty string and fails because of that...?
If I add an account without encryption enabled and try to enable it afterwards it fails with
"An error occured:
Encryption failed, your database remains unprotected.
Refresh"
Let me know if you need more info!
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Account gets added successfully.
Server:
Hi,
A docker container would be a nice addition by making installation much easier for new users.
Thanks
Describe the bug
Account creation is rejected when the service parameter is not present in the otpauth URI submitted via QR code live scan or upload.
To Reproduce
Steps to reproduce the behavior:
otpauth://totp/accountname?secret=GJTGC5LUNA
This is a valid URI following the key URI format, as only the Label parameter (aka accountname) is mandatory.
Expected behavior
The account should be stored
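A tolerant parser for the case reported above, as an added example that is not 2FAuth's own code and not part of the original report: it accepts a label with or without an issuer prefix and treats the `issuer` (service) parameter as optional. The function names are hypothetical, and the defaults for `algorithm`, `digits` and `period` are the usual key URI format defaults.

```python
import base64
import binascii
from urllib.parse import parse_qs, unquote, urlsplit


def decode_secret(b32: str) -> bytes:
    """Base32-decode a secret that may be lower-case, spaced or unpadded."""
    cleaned = b32.replace(" ", "").upper().rstrip("=")
    if not cleaned:
        raise ValueError("secret is empty")
    padded = cleaned + "=" * (-len(cleaned) % 8)
    try:
        return base64.b32decode(padded)
    except binascii.Error as exc:
        raise ValueError("secret is not valid Base32") from exc


def positive_int(params: dict, key: str, default: int) -> int:
    """Return params[key] as an int > 0, or the default when it is absent."""
    value = params.get(key)
    if value is None:
        return default
    if not (value.isascii() and value.isdigit()) or int(value) == 0:
        raise ValueError(f"{key} must be a positive integer")
    return int(value)


def parse_otpauth(uri: str) -> dict:
    """Parse an otpauth:// URI; a missing issuer is stored as None."""
    parts = urlsplit(uri)
    otp_type = parts.netloc.lower()
    if parts.scheme != "otpauth" or otp_type not in ("totp", "hotp"):
        raise ValueError("expected otpauth://totp/... or otpauth://hotp/...")
    label = unquote(parts.path.lstrip("/")).strip()
    if not label:
        raise ValueError("label (account name) is missing")
    params = {k: v[-1] for k, v in parse_qs(parts.query).items()}
    if "secret" not in params:
        raise ValueError("secret parameter is missing")

    # The label is either "issuer:account" or just "account".
    prefix, sep, rest = label.partition(":")
    label_issuer, account = (prefix.strip(), rest.strip()) if sep else (None, label)

    result = {
        "type": otp_type,
        "account": account,
        # No issuer anywhere is accepted: keep None instead of rejecting.
        "issuer": params.get("issuer") or label_issuer,
        "secret": decode_secret(params["secret"]),
        "algorithm": params.get("algorithm", "SHA1").upper(),
        "digits": positive_int(params, "digits", 6),
    }
    if otp_type == "totp":
        result["period"] = positive_int(params, "period", 30)
    else:
        counter = params.get("counter", "")
        if not (counter.isascii() and counter.isdigit()):
            raise ValueError("hotp requires a numeric counter")
        result["counter"] = int(counter)
    return result


if __name__ == "__main__":
    # URI from the report above (no issuer at all).
    print(parse_otpauth("otpauth://totp/accountname?secret=GJTGC5LUNA"))
    # Constructed URI with issuer prefix, issuer parameter and a 60 s period.
    print(parse_otpauth(
        "otpauth://totp/Example:alice%40example.com"
        "?secret=gjtgc5luna&issuer=Example&period=60"))
```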
Hello,
great work! It will be even better if we could use it as an extension for our browser!
Thanks
Hi,
I had updated the container and now the app fails.
Configuration cache cleared!
Configuration cached successfully!
time="2022-05-10T07:56:36Z" level=info msg="load configuration from file" file=/etc/supervisor/supervisord.conf
192.168.1.127 - - [10/May/2022:07:56:38 +0000] "GET /login HTTP/1.1" 500 44 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0"
192.168.1.127 - - [10/May/2022:07:56:40 +0000] "GET /login HTTP/1.1" 500 44 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0"
192.168.1.127 - - [10/May/2022:07:56:42 +0000] "GET /login HTTP/1.1" 500 44 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0"
192.168.1.127 - - [10/May/2022:07:56:44 +0000] "GET /login HTTP/1.1" 500 44 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0"
Running version latest commit 3923ada built on 2022-05-09T23:16:54Z
supervisord version: v0.6.8
PHP 7.4.26 (fpm-fcgi) (built: Nov 18 2021 21:39:13)
nginx version: nginx/1.20.2
The [/srv/public/storage] link already exists.
The links have been created.
Configuration cache cleared!
Configuration cached successfully!
time="2022-05-10T08:05:40Z" level=info msg="load configuration from file" file=/etc/supervisor/supervisord.conf
192.168.1.127 - - [10/May/2022:08:05:44 +0000] "GET /login HTTP/1.1" 500 44 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0"
Fresh install cannot solve the problem.
Thank you :)
Hi,
I am new to 2FA and looking at this helpful project.
I would like to know the process of 2FA: when adding a website (e.g. GitHub, Facebook) for a user, who is responsible for generating the QR code (by my understanding, the QR code should contain the information of the GitHub URL and user name, not sure what else is there)? Does the website itself provide the QR code?
Thanks in advance.
Describe the bug
I only see a blank, white page.
To Reproduce
php artisan ... (including to generate the key for .env).
.htaccess file to let localhost/2fauth act for localhost/2fauth/public.
Expected behavior
I expect the website to show just that, the website, and not a blank, white page.
Additional context
Have I missed something?
The README states that every database that is supported by Laravel can be used. This in particular includes MySQL (as of today's check).
On the other hand, Commit c24f5b2 drops MySQL support for the container (and I can confirm: It does not work any more). There is some mismatch of information and actual behavior.
Is your feature request related to a problem? Please describe.
When transferring/exporting TOTPs from Google Authenticator, the QR code is not being recognised. This is because the Google Authenticator export format is encoded; it can be decoded with a simple Python script or this migration site, which is also open source and generates a QR code to scan afterwards.
Describe the solution you'd like
An integrated converter when recognising the otpauth-migration://offline?data=... pattern from the QR code, to import the profile automatically.
Describe alternatives you've considered
Using the simplified python script and manually add the TOTP to the 2fauth app or use the site and scan the resulting QR codes.
Additional context (scanned from Google Authenticator and then hold my fingers in front of the camera)
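What such a converter has to do, as an added example (not part of the original request and not 2FAuth's code): the `data` parameter is Base64 over a protobuf message, read here with a minimal hand-written decoder and turned back into plain otpauth URIs. The field numbers and enum values follow the community-documented (reverse-engineered) schema and are an assumption; the sample payload is constructed and all function names are hypothetical.

```python
import base64
from urllib.parse import parse_qs, quote, urlencode, urlsplit

# Assumed schema: MigrationPayload.otp_parameters = field 1; inside it
# secret=1, name=2, issuer=3, algorithm=4, digits=5, type=6, counter=7.
ALGORITHMS = {1: "SHA1", 2: "SHA256", 3: "SHA512", 4: "MD5"}
DIGITS = {1: 6, 2: 8}
TYPES = {1: "hotp", 2: "totp"}


def read_varint(buf: bytes, pos: int):
    """Read one protobuf varint, returning (value, next position)."""
    result = shift = 0
    while True:
        if pos >= len(buf) or shift > 63:
            raise ValueError("truncated or oversized varint")
        byte = buf[pos]
        pos += 1
        result |= (byte & 0x7F) << shift
        if not byte & 0x80:
            return result, pos
        shift += 7


def iter_fields(buf: bytes):
    """Yield (field number, value) for varint and length-delimited fields."""
    pos = 0
    while pos < len(buf):
        key, pos = read_varint(buf, pos)
        field, wire = key >> 3, key & 7
        if wire == 0:
            value, pos = read_varint(buf, pos)
        elif wire == 2:
            length, pos = read_varint(buf, pos)
            if pos + length > len(buf):
                raise ValueError("truncated length-delimited field")
            value, pos = buf[pos:pos + length], pos + length
        else:
            raise ValueError(f"unsupported wire type {wire}")
        yield field, value


def parse_account(buf: bytes) -> dict:
    raw = {}
    for field, value in iter_fields(buf):
        if field <= 7 and isinstance(value, bytes) != (field in (1, 2, 3)):
            raise ValueError(f"field {field} has the wrong wire type")
        raw[field] = value
    return {
        "secret": base64.b32encode(raw.get(1, b"")).decode().rstrip("="),
        "name": raw.get(2, b"").decode("utf-8"),
        "issuer": raw.get(3, b"").decode("utf-8"),
        "algorithm": ALGORITHMS.get(raw.get(4, 0), "SHA1"),
        "digits": DIGITS.get(raw.get(5, 0), 6),
        "type": TYPES.get(raw.get(6, 0), "totp"),
        "counter": raw.get(7, 0),
    }


def decode_migration(uri: str) -> list:
    """Return every account contained in an otpauth-migration URI."""
    parts = urlsplit(uri)
    if parts.scheme != "otpauth-migration" or parts.netloc != "offline":
        raise ValueError("not an otpauth-migration://offline URI")
    data = parse_qs(parts.query).get("data")
    if not data:
        raise ValueError("data parameter is missing")
    # parse_qs turns an unescaped '+' into a space; undo that before Base64.
    blob = base64.b64decode(data[0].replace(" ", "+"), validate=True)
    return [parse_account(v) for f, v in iter_fields(blob)
            if f == 1 and isinstance(v, bytes)]


def to_otpauth_uri(acct: dict) -> str:
    """Rebuild a plain otpauth:// URI from one decoded account."""
    label = acct["name"]
    if acct["issuer"] and not label.startswith(acct["issuer"] + ":"):
        label = f"{acct['issuer']}:{label}"
    query = {"secret": acct["secret"]}
    if acct["issuer"]:
        query["issuer"] = acct["issuer"]
    query.update(algorithm=acct["algorithm"], digits=acct["digits"])
    if acct["type"] == "hotp":
        query["counter"] = acct["counter"]
    return f"otpauth://{acct['type']}/{quote(label, safe=':')}?{urlencode(query)}"


# Constructed sample: one TOTP account, secret bytes b"2fauth".
_inner = (bytes([0x0A, 6]) + b"2fauth" + bytes([0x12, 11]) + b"accountname"
          + bytes([0x1A, 7]) + b"Example" + bytes([0x20, 1, 0x28, 1, 0x30, 2]))
SAMPLE_PAYLOAD = bytes([0x0A, len(_inner)]) + _inner + bytes([0x10, 1, 0x18, 1, 0x20, 0])
SAMPLE_URI = ("otpauth-migration://offline?data="
              + quote(base64.b64encode(SAMPLE_PAYLOAD).decode(), safe=""))

if __name__ == "__main__":
    for account in decode_migration(SAMPLE_URI):
        print(to_otpauth_uri(account))
```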
Is your feature request related to a problem? Please describe.
With the release yesterday, the latest tag was broken. I was attempting to set this up for the first time and now cannot until the latest tag is fixed
Describe the solution you'd like
Tag images with either build id or version number so we can use previous images if the current latest is broken
Describe alternatives you've considered
N/A
Additional context
Should be able to do this in the build pipeline using docker tag and possibly an additional push step
Describe the bug
While running the docker setup as described in the wiki section the 2FA server will spawn but while trying to connect to it the server throws 500 exceptions
To Reproduce
Steps to reproduce the behavior:
docker run -it --rm -p 8000:8000/tcp \
-v $PWD/2fauth:/2fauth 2fauth/2fauth
Expected behavior
see the web interface of the application
Desktop (please complete the following information):
Additional context
Stack trace:
#0 /srv/vendor/laravel/framework/src/Illuminate/View/Compilers/BladeCompiler.php(143): Illuminate\View\Compilers\BladeCompiler->compileString()
#1 /srv/vendor/laravel/framework/src/Illuminate/View/Engines/CompilerEngine.php(51): Illuminate\View\Compilers\BladeCompiler->compile()
#2 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(139): Illuminate\View\Engines\CompilerEngine->get()
#3 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(122): Illuminate\View\View->getContents()
#4 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(91): Illuminate\View\View->renderContents()
#5 /srv/vendor/laravel/framework/src/Illuminate/Http/Response.php(62): Illuminate\View\View->render()
#6 /srv/vendor/laravel/framework/src/Illuminate/Http/Response.php(34): Illuminate\Http\Respo...PHP message: PHP Fatal error: Uncaught Error: Call to undefined function Illuminate\View\Compilers\token_get_all() in /srv/vendor/laravel/framework/src/Illuminate/View/Compilers/BladeCompiler.php:232
Stack trace:
#0 /srv/vendor/laravel/framework/src/Illuminate/View/Compilers/BladeCompiler.php(143): Illuminate\View\Compilers\BladeCompiler->compileString()
#1 /srv/vendor/laravel/framework/src/Illuminate/View/Engines/CompilerEngine.php(51): Illuminate\View\Compilers\BladeCompiler->compile()
#2 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(139): Illuminate\View\Engines\CompilerEngine->get()
#3 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(122): Illuminate\View\View->getContents()
#4 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(91): Illuminate\View\View->renderContents()
#5 /srv/vendor/laravel/framework/src/Illuminate/Http/Response.php(62): Illuminate\View\View->render()
#6 /srv/vendor/laravel/framework/src/Illuminate/H
172.16.20.162 - - [02/Sep/2021:10:55:36 +0000] "GET / HTTP/1.1" 500 5 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36"
172.16.20.162 - - [02/Sep/2021:10:55:37 +0000] "GET / HTTP/1.1" 500 5 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36"
2021/09/02 10:55:37 [error] 46#46: *1 FastCGI sent in stderr: "PHP message: PHP Fatal error: Uncaught Error: Call to undefined function Illuminate\View\Compilers\token_get_all() in /srv/vendor/laravel/framework/src/Illuminate/View/Compilers/BladeCompiler.php:232
Stack trace:
#0 /srv/vendor/laravel/framework/src/Illuminate/View/Compilers/BladeCompiler.php(143): Illuminate\View\Compilers\BladeCompiler->compileString()
#1 /srv/vendor/laravel/framework/src/Illuminate/View/Engines/CompilerEngine.php(51): Illuminate\View\Compilers\BladeCompiler->compile()
#2 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(139): Illuminate\View\Engines\CompilerEngine->get()
#3 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(122): Illuminate\View\View->getContents()
#4 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(91): Illuminate\View\View->renderContents()
#5 /srv/vendor/laravel/framework/src/Illuminate/Http/Response.php(62): Illuminate\View\View->render()
#6 /srv/vendor/laravel/framework/src/Illuminate/Http/Response.php(34): Illuminate\Http\Respo...PHP message: PHP Fatal error: Uncaught Error: Call to undefined function Illuminate\View\Compilers\token_get_all() in /srv/vendor/laravel/framework/src/Illuminate/View/Compilers/BladeCompiler.php:232
Stack trace:
#0 /srv/vendor/laravel/framework/src/Illuminate/View/Compilers/BladeCompiler.php(143): Illuminate\View\Compilers\BladeCompiler->compileString()
#1 /srv/vendor/laravel/framework/src/Illuminate/View/Engines/CompilerEngine.php(51): Illuminate\View\Compilers\BladeCompiler->compile()
#2 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(139): Illuminate\View\Engines\CompilerEngine->get()
#3 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(122): Illuminate\View\View->getContents()
#4 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(91): Illuminate\View\View->renderContents()
#5 /srv/vendor/laravel/framework/src/Illuminate/Http/Response.php(62): Illuminate\View\View->render()
#6 /srv/vendor/laravel/framework/src/Illuminate/H
Describe the bug
The autolock feature is enabled even when auth is handled by an auth proxy.
To Reproduce
Steps to reproduce the behavior:
AUTHENTICATION_GUARD=reverse-proxy-guard
autolock option
Expected behavior
Autolock should be disabled
Hi. Again not the greatest question I guess but how do I enable/serve 2FAuth over HTTPS. I am using it with docker container and run it with following command:
sudo docker run -d -p 80:8000/tcp \
-v /home/ubuntu/2fauth:/2fauth 2fauth/2fauth
which serves it on port 80 and it is accessible on my domain, let's say abc.com (http://abc.com/).
I have also generated certificate for my domain using certbot/letsencrypt but when I try to access https://abc.com/ it simply doesn't load:
Can you please help with the configuration I am missing? Thanks.
Describe the bug
Trying to reset the password results in an error page. I see a 500 error on the POST to /api/password/email in my reverse proxy log and the Laravel log in the container shows a stacktrace:
[2021-09-22 20:48:43] local.ERROR: Class 'DOMDocument' not found {"exception":"[object] (Error(code: 0): Class 'DOMDocument' not found at /srv/vendor/tijsverkoyen/css-to-inline-styles/src/CssToInlineStyles.php:114)
[stacktrace]
#0 /srv/vendor/tijsverkoyen/css-to-inline-styles/src/CssToInlineStyles.php(36): TijsVerkoyen\\CssToInlineStyles\\CssToInlineStyles->createDomDocumentFromHtml()
#1 /srv/vendor/laravel/framework/src/Illuminate/Mail/Markdown.php(71): TijsVerkoyen\\CssToInlineStyles\\CssToInlineStyles->convert()
#2 /srv/vendor/laravel/framework/src/Illuminate/Notifications/Channels/MailChannel.php(101): Illuminate\\Mail\\Markdown->render()
#3 /srv/vendor/laravel/framework/src/Illuminate/Notifications/Channels/MailChannel.php(63): Illuminate\\Notifications\\Channels\\MailChannel->buildView()
#4 /srv/vendor/laravel/framework/src/Illuminate/Notifications/NotificationSender.php(148): Illuminate\\Notifications\\Channels\\MailChannel->send()
#5 /srv/vendor/laravel/framework/src/Illuminate/Notifications/NotificationSender.php(106): Illuminate\\Notifications\\NotificationSender->sendToNotifiable()
#6 /srv/vendor/laravel/framework/src/Illuminate/Support/Traits/Localizable.php(19): Illuminate\\Notifications\\NotificationSender->Illuminate\\Notifications\\{closure}()
#7 /srv/vendor/laravel/framework/src/Illuminate/Notifications/NotificationSender.php(109): Illuminate\\Notifications\\NotificationSender->withLocale()
#8 /srv/vendor/laravel/framework/src/Illuminate/Notifications/NotificationSender.php(79): Illuminate\\Notifications\\NotificationSender->sendNow()
#9 /srv/vendor/laravel/framework/src/Illuminate/Notifications/ChannelManager.php(39): Illuminate\\Notifications\\NotificationSender->send()
#10 /srv/vendor/laravel/framework/src/Illuminate/Notifications/RoutesNotifications.php(18): Illuminate\\Notifications\\ChannelManager->send()
#11 /srv/app/User.php(50): App\\User->notify()
#12 /srv/vendor/laravel/framework/src/Illuminate/Auth/Passwords/PasswordBroker.php(66): App\\User->sendPasswordResetNotification()
#13 /srv/vendor/laravel/ui/auth-backend/SendsPasswordResetEmails.php(36): Illuminate\\Auth\\Passwords\\PasswordBroker->sendResetLink()
#14 [internal function]: App\\Http\\Controllers\\Auth\\ForgotPasswordController->sendResetLinkEmail()
#15 /srv/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(54): call_user_func_array()
#16 /srv/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(45): Illuminate\\Routing\\Controller->callAction()
#17 /srv/vendor/laravel/framework/src/Illuminate/Routing/Route.php(239): Illuminate\\Routing\\ControllerDispatcher->dispatch()
#18 /srv/vendor/laravel/framework/src/Illuminate/Routing/Route.php(196): Illuminate\\Routing\\Route->runController()
#19 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(685): Illuminate\\Routing\\Route->run()
#20 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\\Routing\\Router->Illuminate\\Routing\\{closure}()
#21 /srv/app/Http/Middleware/AvoidPasswordResetInDemo.php(24): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#22 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): App\\Http\\Middleware\\AvoidPasswordResetInDemo->handle()
#23 /srv/app/Http/Middleware/RedirectIfAuthenticated.php(24): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#24 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): App\\Http\\Middleware\\RedirectIfAuthenticated->handle()
#25 /srv/app/Http/Middleware/LogUserLastSeen.php(26): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#26 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): App\\Http\\Middleware\\LogUserLastSeen->handle()
#27 /srv/app/Http/Middleware/LogoutInactiveUser.php(26): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#28 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): App\\Http\\Middleware\\LogoutInactiveUser->handle()
#29 /srv/vendor/laravel/framework/src/Illuminate/Routing/Middleware/SubstituteBindings.php(41): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#30 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Routing\\Middleware\\SubstituteBindings->handle()
#31 /srv/vendor/laravel/framework/src/Illuminate/Routing/Middleware/ThrottleRequests.php(59): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#32 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Routing\\Middleware\\ThrottleRequests->handle()
#33 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#34 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(687): Illuminate\\Pipeline\\Pipeline->then()
#35 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(662): Illuminate\\Routing\\Router->runRouteWithinStack()
#36 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(628): Illuminate\\Routing\\Router->runRoute()
#37 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(617): Illuminate\\Routing\\Router->dispatchToRoute()
#38 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(165): Illuminate\\Routing\\Router->dispatch()
#39 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\\Foundation\\Http\\Kernel->Illuminate\\Foundation\\Http\\{closure}()
#40 /srv/app/Http/Middleware/SetLanguage.php(20): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#41 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): App\\Http\\Middleware\\SetLanguage->handle()
#42 /srv/vendor/fideloper/proxy/src/TrustProxies.php(57): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#43 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Fideloper\\Proxy\\TrustProxies->handle()
#44 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#45 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle()
#46 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#47 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle()
#48 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#49 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize->handle()
#50 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(63): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#51 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode->handle()
#52 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#53 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(140): Illuminate\\Pipeline\\Pipeline->then()
#54 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(109): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter()
#55 /srv/public/index.php(55): Illuminate\\Foundation\\Http\\Kernel->handle()
#56 {main}
To Reproduce
Steps to reproduce the behavior:
At the login page, click the reset password link, enter your email and click send password reset link.
Expected behavior
An email is sent to reset the password
Desktop (please complete the following information):
Hi 👋
Describe the bug
When I try to assign an account with parentheses in the title to a group I get an error.
Account name: Brainstorm Force (Astra)
Error: 500 PATCH /api/group/accounts HTTP/1.0
I removed "(Astra)" from the title and then it worked.
A tiny improvement: The German translation for the "Create new group" button is "Neue Gruppe erstellen".
Expected behavior
It should also work with parentheses in the title.
(It's not important to me that this gets fixed.)
Thanks for this nice tool. 👍
Regards,
Mark
Describe the bug
After a group change 2FAuth notifies about data that should be reloaded
To Reproduce
Steps to reproduce the behavior:
Edit mode
Move
Expected behavior
Automatic data reload without user prompt
Describe the solution you'd like
Adding an option to require U2F authentication when signing in would greatly increase the security of 2fauth. Some examples of U2F are Yubikey, Google Titan, etc.
This repository looks like it may work well for this: https://github.com/Firehed/u2f-php
Hi,
Impossible to upload an icon.
2022/05/10 13:43:47 [crit] 46#46: *104 open() "/var/lib/nginx/tmp/client_body/0000000006" failed (13: Permission denied), client: 192.168.1.127, server: 2fauth, request: "POST /api/v1/icons HTTP/1.1", host: "xxxx.localdomain:8041", referrer: "http://xxxxxxx.localdomain:8041/account/2/edit"
How big should the image be? The format maybe?
Thank you
Is your feature request related to a problem? Please describe.
Steam totp is currently not supported because it is 5 digits and is in letters instead of numbers.
Describe the solution you'd like
Support for steam's totp through the custom form with 5 digit pin of letters.
Describe alternatives you've considered
Bitwarden currently has support for this feature which may help with figuring out how to add support. https://community.bitwarden.com/t/question-about-steam-totp-codes/3513
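The derivation behind Steam's 5-character codes, as an added example (not 2FAuth or Bitwarden code): the HMAC and truncation steps are standard TOTP, and only the final encoding differs. The alphabet and base-26 encoding are the widely documented Steam Guard scheme and are stated here as an assumption; the secret is the RFC 6238 test key, not a real one, and the `period` parameter also covers accounts whose period is not 30 s.

```python
import hashlib
import hmac
import struct
import time

# Assumed Steam Guard alphabet (26 symbols, no easily confused characters).
STEAM_ALPHABET = "23456789BCDFGHJKMNPQRTVWXY"


def hotp_value(secret: bytes, counter: int, algorithm: str = "sha1") -> int:
    """RFC 4226 dynamic truncation: 31-bit integer from HMAC(secret, counter)."""
    digest = hmac.new(secret, struct.pack(">Q", counter), algorithm).digest()
    offset = digest[-1] & 0x0F
    return struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF


def totp(secret: bytes, timestamp: float, digits: int = 6,
         period: int = 30, algorithm: str = "sha1") -> str:
    """Standard numeric TOTP (RFC 6238) for an arbitrary period."""
    value = hotp_value(secret, int(timestamp) // period, algorithm)
    return str(value % 10 ** digits).zfill(digits)


def steam_code(secret: bytes, timestamp: float, period: int = 30) -> str:
    """Same truncated value, but written as 5 symbols of STEAM_ALPHABET."""
    value = hotp_value(secret, int(timestamp) // period)
    symbols = []
    for _ in range(5):
        value, index = divmod(value, len(STEAM_ALPHABET))
        symbols.append(STEAM_ALPHABET[index])
    return "".join(symbols)


def seconds_remaining(timestamp: float, period: int = 30) -> int:
    """Seconds until the current code expires, for any period."""
    return period - int(timestamp) % period


if __name__ == "__main__":
    key = b"12345678901234567890"  # RFC 6238 test key (constructed input)
    now = time.time()
    print("numeric:", totp(key, now), "steam:", steam_code(key, now),
          "valid for", seconds_remaining(now), "s")
```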
Currently, the installation steps given in README.md do not explain how to deploy to Heroku.
Suggestion:
A Deploy to Heroku button or steps on how to deploy to Heroku can be added to the README.md file.
Since this project requires PHP and Heroku has an option to add PHP, I think this is possible. Please close this issue if it is not possible to deploy this on Heroku.
Describe the bug
Default group setting is not reset if the selected group is deleted
To Reproduce
Steps to reproduce the behavior:
Expected behavior
The Default group setting should be reset to No Group
Screenshots
If applicable, add screenshots to help explain your problem.
Describe the bug
When 2Fauth is configured with MySQL as db, deleting a group which has 2FA accounts fails, error 500 returned.
No error with sqlite.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
The group should be deleted
Additional context
Error message:
An error occured:
SQLSTATE[23000]: Integrity constraint violation: 1451 Cannot delete or update a parent row: a foreign key constraint fails (`2fauth`.`twofaccounts`, CONSTRAINT `twofaccounts_group_id_foreign` FOREIGN KEY (`group_id`) REFERENCES `groups` (`id`)) (SQL: delete from `groups` where `id` = 10)
Describe the bug
When scanning a QR code there is no apparent way to select which camera to use. In general this is not a problem, but rather an inconvenience. However, my Surface Book 2 automatically selects the infrared camera, which does not see the QR code from any screen. I don't see any way to circumvent this except to disable the IR camera hardware (not wanted).
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Screenshots
Since no error occurs there is nothing in the logs or anything. It just doesn't scan anything. Screen only shows B/W IR sensor image.
Desktop:
Smartphone:
Describe the bug
Error 500 when uploading picture file of QR code.
Scanning the QR code with my computer webcam or using the advanced form both work.
To Reproduce
Expected behavior
The file should not result in a 500 error.
Video recording (600KB):
Desktop (please complete the following information):
Additional context
My 2fauth runs on a Docker image I designed with nginx (config) + php-fpm. Someone else installed 2fauth on a Debian virtual machine (without Docker) and it resulted in the same exact issue (and we did not communicate much on how to set it up either). So I doubt this is a setup issue, except perhaps an Nginx config issue?
I also don't know where to find server error logs, maybe you could enlighten me on this one?
As a side note, I worked on a Docker image which fully works apart from this bug. I'll make a PR to the repo once this bug is fixed. I can also set it up to cross build for ARM machines which would solve a bunch of issues on this repo 😉
Describe the bug
Getting "CSRF token mismatch." error when logging back in after getting kicked out after auto lock. Happened on desktop and mobile Firefox browser.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Being able to use, see and copy the TOTPs instead of the error message.
Desktop:
Smartphone:
Additional context
The Refresh button does nothing (it brings you back to the login page, but the error will be shown again after sign-in until a hard reload of the page)
Describe the bug
The 'Use a qrcode' feature in the standard form does not fill the form and returns an HTTP 422 error
To Reproduce
Steps to reproduce the behavior:
Expected behavior
The form is filled with decoded data from the uploaded image
Screenshots
If applicable, add screenshots to help explain your problem.
Desktop (please complete the following information):
any
Smartphone (please complete the following information):
any
Additional context
Add any other context about the problem here.
Describe the bug
issue with logger configuration.
Logs are polluted with a bunch of lines about logger creation:
[2022-05-16 15:50:17] laravel.WARNING: The argument "logger" is deprecated since version 3.3 and will be removed in 4.0. Please use the method "setLogger" instead. in /srv/vendor/web-auth/webauthn-lib/src/AttestationStatement/AttestationObjectLoader.php on line 61
[2022-05-16 15:50:17] laravel.EMERGENCY: Unable to create configured logger. Using emergency logger. {"exception":"[object] (InvalidArgumentException(code: 0): NullHandler must be an instance of Monolog\\Handler\\HandlerInterface at /srv/vendor/laravel/framework/src/Illuminate/Log/LogManager.php:372)
[stacktrace]
Describe the bug
Accounts with a long Service name are not handled correctly in Edit mode
To Reproduce
Steps to reproduce the behavior:
Manage
Edit button and the handle are pushed out of the viewport
Expected behavior
Edit button and handle should stay in the viewport regardless of the Service length
Describe the bug
The token generation loop stops when the TOTP period is different from 30s
To Reproduce
Steps to reproduce the behavior:
Expected behavior
A new token should be displayed and the dots blanked
Describe the bug
After updating to v3.0, I am unable to access my old TOTP entries.
To Reproduce
Steps to reproduce the behavior:
Expected behavior
Access TOTP entries from before the upgrade.
Screenshots
If I restore the database and the browser remembers my previous session, I am able to see the entries, but when I click on any one of them, I get the following error:
Desktop (please complete the following information):
Hi,
I followed all the installation steps on the github page and they all went smoothly.
My question is, how do I start 2FAuth? If it helps, I use Apache2 as my main web server.
Thank You
Describe the bug
When telling 2FAuth to use MySQL as database, an exception occurs while running php artisan migrate:refresh:
Migration table not found.
Migration table created successfully.
Migrating: 2014_10_12_000000_create_users_table
Migrated: 2014_10_12_000000_create_users_table (0.03 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated: 2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2016_06_01_000001_create_oauth_auth_codes_table
Migrated: 2016_06_01_000001_create_oauth_auth_codes_table (0.04 seconds)
Migrating: 2016_06_01_000002_create_oauth_access_tokens_table
Migrated: 2016_06_01_000002_create_oauth_access_tokens_table (0.04 seconds)
Migrating: 2016_06_01_000003_create_oauth_refresh_tokens_table
Migrated: 2016_06_01_000003_create_oauth_refresh_tokens_table (0.04 seconds)
Migrating: 2016_06_01_000004_create_oauth_clients_table
Migrated: 2016_06_01_000004_create_oauth_clients_table (0.03 seconds)
Migrating: 2016_06_01_000005_create_oauth_personal_access_clients_table
Migrated: 2016_06_01_000005_create_oauth_personal_access_clients_table (0.01 seconds)
Migrating: 2017_03_03_100000_create_options_table
Migrated: 2017_03_03_100000_create_options_table (0.02 seconds)
Migrating: 2019_05_16_162730_create_twofaccounts_table
Migrated: 2019_05_16_162730_create_twofaccounts_table (0.01 seconds)
Migrating: 2020_03_25_095517_add_order_column_to_twofaccounts_table
Migrated: 2020_03_25_095517_add_order_column_to_twofaccounts_table (0.02 seconds)
Migrating: 2020_10_05_210557_add_last_seen_to_users_table
Migrated: 2020_10_05_210557_add_last_seen_to_users_table (0.01 seconds)
Migrating: 2020_10_11_202302_add_provider_column_to_oauth_clients_table
Migrated: 2020_10_11_202302_add_provider_column_to_oauth_clients_table (0 seconds)
Migrating: 2020_10_20_210129_create_groups_table
Migrated: 2020_10_20_210129_create_groups_table (0.02 seconds)
Migrating: 2020_10_20_211115_add_group_id_column_to_twofaccounts_table
Illuminate\Database\QueryException
SQLSTATE[HY000]: General error: 3780 Referencing column 'group_id' and referenced column 'id' in foreign key constraint 'twofaccounts_group_id_foreign' are incompatible. (SQL: alter table `twofaccounts` add constraint `twofaccounts_group_id_foreign` foreign key (`group_id`) references `groups` (`id`) on delete set null)
at vendor/laravel/framework/src/Illuminate/Database/Connection.php:671
667| // If an exception occurs when attempting to run a query, we'll format the error
668| // message to include the bindings with SQL, which will make this exception a
669| // lot more helpful to the developer instead of just the database's errors.
670| catch (Exception $e) {
> 671| throw new QueryException(
672| $query, $this->prepareBindings($bindings), $e
673| );
674| }
675|
+12 vendor frames
13 database/migrations/2020_10_20_211115_add_group_id_column_to_twofaccounts_table.php:24
Illuminate\Support\Facades\Facade::__callStatic()
+34 vendor frames
48 artisan:37
Illuminate\Foundation\Console\Kernel::handle()
To Reproduce
Steps to reproduce the behavior:
php artisan migrate:refresh
Expected behavior
Command should complete successfully (it does when using SQLite backend).
Server:
Describe the bug
Applied group filter is not removed if the group is deleted
To Reproduce
Steps to reproduce the behavior:
Test
and move 2 accounts to the group
Manage groups
Test
and return to accounts
All
but show only 2 accounts (the ones previously moved to the Test group)
Expected behavior
The applied filter should be removed after the group deletion to show all accounts
Describe the bug
Continued from #16.
Trying to access any page with AUTHENTICATION_GUARD=reverse-proxy-guard redirects to /login. Trying to login normally leads to a Server Error, then a brief glimpse of /accounts before redirecting back to /login. See the laravel log here. Browser shows all network requests OK except /api/v1/twofaccounts and /api/v1/groups return 401 with "message: Unauthenticated".
To Reproduce
Steps to reproduce the behavior:
Expected behavior
/accounts appears as normal without having to log in
Desktop (please complete the following information):
Smartphone (please complete the following information):
Hi!
I am not able to upload anything to my docker installation.
Version: 04f8e8a
org.opencontainers.image.created | 2021-12-30T09:04:01Z
Icon and QR Code upload:
This error pops up:
2022/01/21 10:50:26 [crit] 60#60: *97 open() "/var/lib/nginx/tmp/client_body/0000000003" failed (13: Permission denied), client: 172.17.0.1, server: 2fauth, request: "POST /api/icon/upload HTTP/1.1", host: "xxx.duckdns.org", referrer: "https://xxx.duckdns.org/account/edit/1"
Log file:
[2022-01-21 10:44:39] local.ERROR: The resource owner or authorization server denied the request. {"exception":"[object] (League\\OAuth2\\Server\\Exception\\OAuthServerException(code: 9): The resource owner or authorization server denied the request. at /srv/vendor/lea> [stacktrace] #0 /srv/vendor/league/oauth2-server/src/AuthorizationValidators/BearerTokenValidator.php(73): League\\OAuth2\\Server\\Exception\\OAuthServerException::accessDenied() #1 /srv/vendor/league/oauth2-server/src/ResourceServer.php(84): League\\OAuth2\\Server\\AuthorizationValidators\\BearerTokenValidator->validateAuthorization() #2 /srv/vendor/laravel/passport/src/Guards/TokenGuard.php(207): League\\OAuth2\\Server\\ResourceServer->validateAuthenticatedRequest() #3 /srv/vendor/laravel/passport/src/Guards/TokenGuard.php(150): Laravel\\Passport\\Guards\\TokenGuard->getPsrRequestViaBearerToken() #4 /srv/vendor/laravel/passport/src/Guards/TokenGuard.php(113): Laravel\\Passport\\Guards\\TokenGuard->authenticateViaBearerToken() #5 /srv/vendor/laravel/passport/src/PassportServiceProvider.php(286): Laravel\\Passport\\Guards\\TokenGuard->user() #6 [internal function]: Laravel\\Passport\\PassportServiceProvider->Laravel\\Passport\\{closure}() #7 /srv/vendor/laravel/framework/src/Illuminate/Auth/RequestGuard.php(58): call_user_func() #8 /srv/vendor/laravel/framework/src/Illuminate/Auth/GuardHelpers.php(60): Illuminate\\Auth\\RequestGuard->user() #9 /srv/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(63): Illuminate\\Auth\\RequestGuard->check() #10 /srv/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(42): Illuminate\\Auth\\Middleware\\Authenticate->authenticate() #11 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Auth\\Middleware\\Authenticate->handle() #12 /srv/vendor/laravel/framework/src/Illuminate/Routing/Middleware/ThrottleRequests.php(59): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #13 
/srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Routing\\Middleware\\ThrottleRequests->handle() #14 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #15 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(687): Illuminate\\Pipeline\\Pipeline->then() #16 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(662): Illuminate\\Routing\\Router->runRouteWithinStack() #17 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(628): Illuminate\\Routing\\Router->runRoute() #18 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(617): Illuminate\\Routing\\Router->dispatchToRoute() #19 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(165): Illuminate\\Routing\\Router->dispatch() #20 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\\Foundation\\Http\\Kernel->Illuminate\\Foundation\\Http\\{closure}() #21 /srv/app/Http/Middleware/SetLanguage.php(20): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #22 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): App\\Http\\Middleware\\SetLanguage->handle() #23 /srv/vendor/fideloper/proxy/src/TrustProxies.php(57): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #24 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Fideloper\\Proxy\\TrustProxies->handle() #25 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #26 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle() #27 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #28 
/srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle() #29 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #30 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize->handle() #31 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(63): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #32 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode->handle() #33 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #34 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(140): Illuminate\\Pipeline\\Pipeline->then() #35 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(109): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter() #36 /srv/public/index.php(55): Illuminate\\Foundation\\Http\\Kernel->handle() #37 {main} "}
I strictly followed the Docker install manual.
Adding TOTP by scanning a QR code is no problem, but adding icons or uploading QR codes is.
This is my main user:
uid=1000(urbansunited) gid=1000(urbansunited) Gruppen=1000(urbansunited),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),109(netdev)
$ ls -l
drwx------ 3 urbansunited urbansunited 4096 21. Jan 11:55 2fauth
~/Docker/2fauth$ ls -l
-rw-r--r-- 1 urbansunited urbansunited 98304 21. Jan 11:55 database.sqlite
-rw-r--r-- 1 urbansunited urbansunited 8 21. Jan 11:44 installed
drwxrwxrwx 5 urbansunited urbansunited 4096 21. Jan 11:44 storage
Thanks
URBANsUNITED
Is your feature request related to a problem? Please describe.
An error message is showing up if you click "Forgot your password? Reset it", then type in your email, click "Send password reset link" and be surprised with the error.
Describe the solution you'd like
I see email-related settings in the app.json file, but I did not find this file in my docker volume folder and there do not seem to be docker environment variables to adjust these. So if email delivery is already implemented, the settings should be adjustable for individual users.
Describe the bug
The Test feature returns an error in the advanced form when the Account or Service field contains a colon.
To Reproduce
Steps to reproduce the behavior:
/account/create
Expected behavior
An OTP password should be displayed
Illuminate\Database\QueryException
could not find driver (SQL: PRAGMA foreign_keys = ON;)
at vendor/laravel/framework/src/Illuminate/Database/Connection.php:671
667| // If an exception occurs when attempting to run a query, we'll format the error
668| // message to include the bindings with SQL, which will make this exception a
669| // lot more helpful to the developer instead of just the database's errors.
670| catch (Exception $e) {
671| throw new QueryException(
672| $query, $this->prepareBindings($bindings), $e
673| );
674| }
675|
1 [internal]:0
Illuminate\Foundation\Application::Illuminate\Foundation{closure}(Object(App\Providers\AppServiceProvider))
+2 vendor frames
4 [internal]:0
Illuminate\Foundation\Application::Illuminate\Foundation{closure}(Object(App\Providers\AppServiceProvider))
root@ip-172-31-91-171:~/2fauth#
I am on Debian 10 Buster
Describe the bug
I'm using the docker installation, and when I try to add any code using the TOTP method, based in time, the generated code never works. Seems it's not synchronized or something like that.
Note: I register all the codes manually, because the docker bug (QR scanning) is still present.
Expected behavior
The generated code works.
Smartphone (please complete the following information):
Additional information
I have a 2FAuth instance (docker) installed locally (LAN), but with internet access. I access the service via VPN when I need it outside.
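Two of the reports above turn on TOTP timing: the refresh loop that stops when the period is not 30s, and codes that never validate on a Docker host. The following is an added example, not 2FAuth's code: an RFC 6238 implementation showing how the period changes both the code and its remaining lifetime, and how a generator whose clock is off falls outside a verifier's ±1 step window. Clock skew as a cause is an assumption for illustration (the report does not establish one); the function names are hypothetical and the secret is the public RFC test vector.

```python
import hashlib
import hmac
import struct

# RFC 6238 Appendix B test secret (public test vector, not a real credential).
SECRET = b"12345678901234567890"


def hotp(secret: bytes, counter: int, digits: int = 6) -> str:
    """RFC 4226 HOTP with HMAC-SHA1 and dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret: bytes, now: int, period: int = 30, digits: int = 6) -> str:
    """The counter is the number of whole periods since the Unix epoch."""
    return hotp(secret, now // period, digits)


def seconds_remaining(now: int, period: int = 30) -> int:
    """Time until the current code expires; must use the account's own period."""
    return period - (now % period)


def match_offset(secret, code, now, period=30, window=1):
    """Return the step offset (-window..window) at which code matches, else None."""
    step = now // period
    for delta in sorted(range(-window, window + 1), key=abs):
        candidate = step + delta
        if candidate >= 0 and hmac.compare_digest(hotp(secret, candidate), code):
            return delta
    return None


def clock_skew_demo(skew_seconds: int, now: int = 59, period: int = 30):
    """Code generated on a host whose clock is off, checked against true time."""
    code = totp(SECRET, now + skew_seconds, period)
    return match_offset(SECRET, code, now, period)


if __name__ == "__main__":
    # Same instant, different periods: different counter, different code.
    for period in (30, 60):
        print(period, totp(SECRET, 59, period), seconds_remaining(70, period))
    # Small skew is absorbed by the window; large skew is rejected.
    for skew in (0, 25, -30, 120):
        print("skew", skew, "-> step offset", clock_skew_demo(skew))
```

Comparing `date -u` inside the container with the host and with the phone running the authenticator shows whether skew of this size is present.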
Describe the bug
Hi there ! I've just made a repository to host my Dockerfile (and docker-compose.yml) for this project. But I can't figure out how to get a proper SQL server working with it.
To Reproduce
Steps to reproduce the behavior:
make
Expected behavior
Make should work and the server should be working locally. But instead, I get this:
2fauth_1 | Illuminate\Database\QueryException
2fauth_1 |
2fauth_1 | could not find driver (SQL: insert into `oauth_clients` (`user_id`, `name`, `secret`, `provider`, `redirect`, `personal_access_client`, `password_client`, `revoked`, `updated_at`, `created_at`) values (?, 2FAuth Personal Access Client, G7....HA, ?, http://localhost, 1, 0, 0, 2021-01-10 20:00:00, 2021-01-10 20:00:00))
2fauth_1 |
2fauth_1 | at vendor/laravel/framework/src/Illuminate/Database/Connection.php:671
2fauth_1 | 667| // If an exception occurs when attempting to run a query, we'll format the error
2fauth_1 | 668| // message to include the bindings with SQL, which will make this exception a
2fauth_1 | 669| // lot more helpful to the developer instead of just the database's errors.
2fauth_1 | 670| catch (Exception $e) {
2fauth_1 | > 671| throw new QueryException(
2fauth_1 | 672| $query, $this->prepareBindings($bindings), $e
2fauth_1 | 673| );
2fauth_1 | 674| }
2fauth_1 | 675|
2fauth_1 |
2fauth_1 | +51 vendor frames
2fauth_1 | 52 artisan:37
2fauth_1 | Illuminate\Foundation\Console\Kernel::handle(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))
Desktop (please complete the following information):
composer:2.0
4a9f73f6a1650d106b0844f2849b9cf091ca880c
Describe the bug
Using the advanced form, providing a secret in plain text format does not pass validation
To Reproduce
Steps to reproduce the behavior:
azerty
in plain text format
Expected behavior
plain text should be accepted
Additional context
Introduced by v3.0.0