Comments (17)
Hi,
I made no change to the encryption feature from v5.0.4 to v5.1.0, this is really unexpected.
Do you have a backup of your .env
file to confirm the value of APP_KEY has not changed?
from 2fauth.
The App key is the same as before. I saved a backup of the key.
Thanks for quick reply!
If there is no solution for this, I can reimplement the codes (they're not so many).
from 2fauth.
Are you confortable with source code editing? I would like you to test something.
- Edit the file
[2fauth_install_dir]/app/Models/TwoFAccount.php
- Line 753, replace this bloc:
with
} catch (Exception $ex) { return __('errors.indecipherable'); }
} catch (Exception $ex) { Log::error(sprintf('Decrypt failed: %s', $ex->getMessage())); return __('errors.indecipherable'); }
- Save the file and reload 2FAuth in your browser.
- Open the today's log file in
[2fauth_install_dir]/storage/logs/laravel-2024-03-18.log
- Search for the line which contain the string
Decrypt failed:
.
What other information does this line provide?
from 2fauth.
No problem. Log is placed and returns:
[2024-03-18 15:30:48] local.ERROR: Decrypt failed: The MAC is invalid.
[2024-03-18 15:30:48] local.ERROR: Decrypt failed: The MAC is invalid.
[2024-03-18 15:30:48] local.ERROR: Decrypt failed: The MAC is invalid.
[2024-03-18 15:30:48] local.ERROR: Secret cannot be deciphered, OTP generation aborted
[2024-03-18 15:30:48] local.ERROR: {"userId":1,"exception":"[object] (App\\Exceptions\\UndecipherableException(code: 0): at /home/PATH_TO_2FAUTH/app/Models/TwoFAccount.php:363)
[stacktrace]
#0 /home/PATH_TO_2FAUTH/vendor/laravel/framework/src/Illuminate/Support/Traits/ForwardsCalls.php(23): App\\Models\\TwoFAccount->getOTP()
...
from 2fauth.
Ok thx.
How is set your Show password setting? After a click/tap
? Constantly
?
If Constantly
, please switch to After a click/tap
, I wan't to know if all the records are broken are just one of them.
FYI: The url to the settings page is /settings/options
from 2fauth.
I can't access /settings/options
because of the error, but /admin/users/
with another user works. I am not sure which option is Show password, but here are the preferences of the user:
showOtpAsDot: true
revealDottedOTP: true
closeOtpOnCopy: false
copyOtpOnDisplay: false
clearSearchOnCopy: false
useBasicQrcodeReader: true
displayMode: list
showAccountsIcons: true
kickUserAfter: 15
activeGroup: 0
rememberActiveGroup: true
viewDefaultGroupOnCopy: false
defaultGroup: 0
defaultCaptureMode: advancedForm
useDirectCapture: false
useWebauthnOnly: false
getOfficialIcons: true
theme: light
formatPassword: true
formatPasswordBy: 0.5
lang: de
getOtpOnRequest: false
I also added the Variables section to the issue description, as I seen them.
from 2fauth.
I looked up the label and Show password stands for otp_generation
at /resources/lang/en/settings.php#L135 . Which I set to 'otp_generation_on_request' => 'After a click/tap',
if I remember correctly.
from 2fauth.
I looked up the label and Show password stands for
otp_generation
at /resources/lang/en/settings.php#L135 . Which I set to'otp_generation_on_request' => 'After a click/tap',
if I remember correctly.
Ignore that I found the getOtpOnRequest: false
at the bottom and "getOtpOnRequest": false,
at the database table for users.
I set it to true
and I can now access the dashboard. It contains the OTP entries and warns with "not readable":
from 2fauth.
ok, so all records are locked😞
Do you have a backup of the whole .env
file made before the update? If so try to restore it please.
from 2fauth.
Not a current backup. There are some changes to SMTP and Database vars.
I compared it with the current file and nothing changed except the above.
from 2fauth.
What kind of change for the db? location? Type?
from 2fauth.
Type: SQLite to MySQL. SQLite was never used. This change was part of the setup and before the update.
from 2fauth.
Can you check the encoding please. Does it change between the 2 files?
from 2fauth.
I do not have the old .env
as a file backup. I compared env.example
with .env
, because the file was not modified since install.
Both return with file -bi .env
: text/plain; charset=us-ascii
from 2fauth.
I'm running out of options... The last reason I think about is a cached key.
Previous versions of 2FAuth provided a .env.example
file to start from. This APP_KEY
was preset with SomeRandomStringOf32CharsExactly
, so if the instance has been running before the APP_KEY
has been changed, maybe the preset value has been cached and used all that time while you had changed APP_KEY
after the first run.
Try it, we'll know: set your APP_KEY
to SomeRandomStringOf32CharsExactly
. Does it fix the issue?
from 2fauth.
I set APP_KEY=SomeRandomStringOf32CharsExactly
and cleared config, cache and view with artisan. Nothing changed.
I looked up my .env.example and it contains no key: APP_KEY=
, which breaks the app.
I recreate my 2 OTPs now. Thanks for your help anyway :)
from 2fauth.
Ok.
Don't know if you had a dump of your DB. If not, you should have (at least) one so you can restore/rollback if something goes wrong.
from 2fauth.
Related Issues (20)
- 403 Forbidden {message: "unauthorized"} HOT 3
- Install with Docker Compose : problem to connect/use database.sqlite HOT 5
- Add outgoing email testing from the UI HOT 1
- 2fauth + NGINX reverse proxy = 502 error HOT 1
- Mail Password Format HOT 1
- Secret Type Format
- Blank screen after update from 5.0.3 to 5.0.4 HOT 10
- "Check now" button is untranslatable HOT 1
- Add a route to clear cache from browser
- Add a "keep SSO registration enabled" setting HOT 1
- Cannot access database after upgrading v3 to v5 (self host to docker) --> No account found using this email. HOT 3
- app/Policies/OwnershipTrait contains a bug, i think HOT 9
- Add support for FreeOPT+ json exports HOT 1
- 5.1 SSO: Authentication via SSO rejected HOT 8
- Admin panel not working when using security device
- "Keep SSO registration enabled" is not saved
- Add pagination to /accounts page HOT 4
- Last admin can demote to user, leaving the instance administratorless
- Accounts visibility HOT 1
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from 2fauth.