NodeBB 2factor plugin issues
-
We've started building our forum out a couple of months ago with 2.x (the latest at the time) and when we tested the 2factor plugin we found it wasn't working properly. When we upgraded to 3.x we simply didn't bother with 2factor, but we'd really like to get it working properly.
Some background information:
- NodeJS version: 16.20.0
- NodeBB Version: 3.1.4
- Plugins:
Active plugins: * @nodebb/[email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, disabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, disabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, disabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled) * [email protected] (installed, enabled)And we get the following error in the log:
error: [plugins] Error executing 'static:sockets.validateSession' in plugin 'nodebb-plugin-2factor' Error: [[2factor:second-factor-required]] at plugin.checkSocket (/usr/src/app/node_modules/nodebb-plugin-2factor/library.js:210:9) at processTicksAndRejections (node:internal/process/task_queues:96:5) at async Object.fireStaticHook [as static] (/usr/src/app/src/plugins/hooks.js:209:5) at async Hooks.fire (/usr/src/app/src/plugins/hooks.js:105:17) at async validateSession (/usr/src/app/src/socket.io/index.js:210:17) at async onConnect (/usr/src/app/src/socket.io/index.js:88:3)The symptom that we're seeing is that after the user enters the pin they will get redirected back to the sign-in again for seeming no reason.
-
So something I've learned about this issue is that it only happens if you click on "Verify" or hit the enter key after typing in your code. Allowing it to do the verification automatically on its own results in the user being allowed in and it's working just fine that way. Seems to be a pretty big UX issue there but workable.
