Defect #36814
Can't login in after upgrading to rev. 21486
Status: | New | Start date: | ||
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | - | % Done: | 0% | |
Category: | - | |||
Target version: | - | |||
Resolution: | Affected version: |
Description
Hello,
I previously enabled 2fa with Google Authenticator and it worked smoothly.
After upgrading to rev.21486 I can no longer log in with the ga generated code.
The error message is "Invalid or outdated code".
How can I get rid of this?
Is there a way to disable 2fa without logging into Redmine?
thanks.
History
#1
Updated by Go MAEDA 3 months ago
I cannot reproduce the issue for now.
You can forcefully disable two-factor authentication if you can access the console of your Redmine server. Please follow the steps below:
Go go the installation directory of Redmine and start a Rails console.
cd path/to/redmine bin/rails c -e production
Enter the following lines in the Rails console. The example below disables two-factor authentication for the user 'jsmith'.
user = User.find_by(login: 'jsmith') require 'redmine/twofa/base' twofa = Redmine::Twofa::Base.new(user) twofa.destroy_pairing_without_verify! exit
#2
Updated by ChunChang Lo 3 months ago
- File 2022-03-21_20-22-07.png added
Hello,
The code snippet works.
After disabling 2fa authentication for my account, it ask me to set it up again.
(I enabled this option for administrators when I tried to translate label_required_administrators, see #36606).
After I scanned the QR code in Google Authenticator and enter code shown in GA, it won't accept the code.
So, it seems that I need to disable this setting too.
Thanks in advance.
#3
Updated by ChunChang Lo 3 months ago
Hi,
I figured it out.
$ mysql -u myredmineuser -p
Enter password: myredminepassword
MariaDB [(none)]> use redmine
MariaDB [redmine]> update settings set value = 0 where name = 'twofa';
I can login to my Redmine site again. :)
It is very strange that the 2fa setting page won't accept any code from Google Authenticator & Authy.
#5
Updated by ChunChang Lo 3 months ago
Go MAEDA wrote:
Are the clocks of your devices correct?
yes, the system time (iphone & pc) is the same. (ntp to the same timezone, Taipei UTC+8).
just tried again, and both google authenticator & authy are failed (the 2fa settings page doesn't accept codes from the app).
the error message is the same as '2022-03-21_20-22-07.png'.
BTW, the redmine server uses UTC & all admin accounts uses Taipei UTC+8 in the account's preferences.
#6
Updated by ChunChang Lo 3 months ago
- File 2022-03-24_11-28-40.png added
Strangely, 2fa can be enabled again after updating to rev.21497.