dburles / meteor-two-factor Goto Github PK
View Code? Open in Web Editor NEW๐ Two factor authentication package for accounts-password
Home Page: https://atmospherejs.com/dburles/two-factor
License: MIT License
๐ Two factor authentication package for accounts-password
Home Page: https://atmospherejs.com/dburles/two-factor
License: MIT License
The following event results in an error. The normal code generation works perfectly
'click #resend-security-code'(e) {
e.preventDefault();
twoFactor.getNewAuthCode(error => {
if (error) {
bootbox.alert(error.reason);
this.state.securityBtnCheckWaiting = false;
}
});
}
Exception in delivering result of invoking 'twoFactor.getAuthenticationCode': TypeError: handlerCb is not a function
Hello,
My app has 2 account types allowed:
I am trying to put some logic in validateLoginAttempt which doesn't seem to be firing based except if it is resume login attempt. Am I doing something wrong?
It also seems that Accounts.onLogin callback does not fire at all for accounts through 2FA. Is that expected?
Please let me know.
thanks !
Great stuff otherwise, thanks for putting this together !
Antoine
Hi again @dburles,
You helped me a month ago with a compatibility issue with aldeed:collection2-core
: thanks.
Sorry for this newbie question (not an issue...), but I can't understand how on server side, allowing regular sign in.
I can't figure how to define the twoFactorEnabled
property. And how to set my options?
// Optional
// Conditionally allow regular or two-factor sign in
twoFactor.validateLoginAttempt = options => {
return !! options.user.twoFactorEnabled;
};
My idea is to allow regular login for the users who don't have a phone number (profile.phone
): cause in my App, the code is sended by sms.
Can you help me?
Thanks in advance for reading me so far.
Hello! I found your package very useful, thank you for it!
But I got a problem I can't find a way to solve.
For created user instead of logginWithPassword after email and password submit I want to confirm his email for signIn:
-> I'm using getAuthCode instead of ligginWithPassword:
-> afterwards I can get user and code in sendCode:
-> then, I'm getting email with a link to my component where I can read token from route:
-> after I'm following the link where my verification component trying to veryfyAndLogin
I think that selector doesn't have access to state and can't provide such data as 'user' and 'password' to login. I think that I don't understand it properly and hope on your help!
Will be glad to contact in telegram if smth.
My contacts: +375(29)182-52-97 / chelovekdrakon.
Sincerely Fiodar Morau.
Add client API method for canceling verification process:
IMO it has to do two things:
This will allow new login attempt with another account.
can create PR if help needed
When I create my custom login method I get Login Forbidden while using this package.
What could be the problem?
user
argument should be object with username
or email
property. Cause current way deny us to use @
in username.I can prepare PR if needed.
It seems the plugin clears the Meteor.user
on page refresh. Anyone has facing this issue before?
Hi, thanks for the great works you have done making this package.
I'd like to know if is possible to use the default Meteor.loginWithPassword
in conjunction while using this package whitin a project. Actually when I try to create two different login sections, one using two-factor and one using the default Meteor login, I get a login forbidden
error using Meteor.loginWithPassword
.
I've got meteor-two-factor working, it's great -- but I need to have a person be able to log in without 2FA. I've gone over this and tried a bunch of things, but it seems to me that this line in verifyCodeAndLogin on the server side
Line 91 in c7c645e
What am I missing here? Does anyone have this working? Thanks!
Hi David ,
First, thank you for your job, your 2FA plugin works great !
Since two days ago, I tried to implement the aldeed:collection2-core plugin (pretty mainstream in meteor dev...). Here's my issue :
The creation of a user works & the new schema is attached to the user.
But I'm unable to log in my account: the first login step works great, I receive the code, but the verify step give me a 403 error
Error: Invalid code [403] at [object Object].twoFactorVerifyCodeAndLogin (packages/dburles:two-factor/server.js:87:13)
So this line is:
if (options.code !== user[fieldName]) { // 86
throw new Meteor.Error(403, "Invalid code"); // 87
} // 88
At the end of my user schema, if I comment the last line
Meteor.users.attachSchema(Schema.User);
everything is back to normal - like a charm. But obviously, the new user schema is not attached to the user...
Any idea of what is going on ?
Help me Obi Wan Kanobi.
In details, in the Method twoFactor.verifyCodeAndLogin :
userId : null
params : [{"user":{"email":"[email protected]"},"password":"passpass","code":"234926"}]
coll : users
func : find
selector : {"emails.address":"[email protected]"}
-the fetch on users return:
coll : users
selector : {"emails.address":"[email protected]"}
func : fetch
cursor : true
limit : 1
docsFetched : 1
docSize : 516
message: Invalid code [403]
stack:
Error: Invalid code [403]
at [object Object].twoFactorVerifyCodeAndLogin (packages/dburles:two-factor/server.js:87:13)
at [object Object].methodMap.(anonymous function) (packages/meteorhacks_kadira.js:2731:30)
at maybeAuditArgumentChecks (packages/ddp-server/livedata_server.js:1711:12)
at packages/ddp-server/livedata_server.js:711:19
at [object Object]._.extend.withValue (packages/meteor.js:1122:17)
at packages/ddp-server/livedata_server.js:709:40
at [object Object]._.extend.withValue (packages/meteor.js:1122:17)
at packages/ddp-server/livedata_server.js:707:46
at Session.method (packages/ddp-server/livedata_server.js:681:23)
at packages/meteorhacks_kadira.js:2619:38
Upgrade from 1.1.1 to 1.1.2 will cause login forbidden after sending verification code.
Login forbidden is thrown by meteor.
I downgraded to 1.1.1 and everything work like expected.
If the user reloads the Page the code is invalid. What about saving auth state in localStorage?
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.