nextcloud / twofactor_admin Goto Github PK

Please add PHP 8.2 support for this app, so I can finally update my Nextcloud instance :-)

The app itself seems to be working fine with PHP 8.2, but missing it here » https://github.com/nextcloud/twofactor_admin/blob/main/appinfo/info.xml#L24 « which seems to be the reason it is shown as "not compatible" and I'd rather not take chances that the update might be borked due to this.

Hi,

I use Nextcloud 16.0.5 with the app twofactor_admin version 0.4.1.

I noticed that after setting keys for multiple accounts a single use of such a key leads to a deletion of all datasets in the "table oc_twofactor_admimn_codes". Furthermore all entries in the table contain the value "0" in the field "id" (which will only work if the mysql runs with applicable strict_mode parameters). So I guess, that the expected auto_increment doesn't work for this field as it should (see the relevant migration files in the app folder of twofactor_admin).

After applying "ALTER TABLE NAME_OF_NEXTCLOUD-DB.oc_twofactor_admin_codes CHANGE id id BIGINT(20) UNSIGNED AUTO_INCREMENT;" all worked as expected.

Regards,
Josef

occ twofactorauth:admin:generate-code

returns

``

There are no commands defined in the "twofactorauth:admin" namespace.

Did you mean this?
twofactorauth

``

Please make a clear and concise description of what the bug is.

==> I got the update proposal to 28.0.1 and "Two-Factor Admin" is reported to be "not compatible" with this release.

Steps to reproduce

1. Install and enable this module with NC 28.0.0
2. Get the update message to NC 28.0.1
3. See the error :D

Expected behaviour

As the application is compatible to the 28 release, this shouldn't be triggered, so the app should be compatible (maybe a bad variable set somewhere ?)

Actual behaviour

App is reported incompatible.

Screenshots

If applicable, add screenshots to help explain your problem.

Server

Please complete the following information.

• Notes app version: 4.4.0
• Nextcloud version: 28.0.0
• OS: Debian
• Web server: Apache
• PHP version: 8.3
• Database: MySQL

Client

Please complete the following information.

• Browser (incl. version): Firefox 121
• OS: Win 11

Log files

Add relevant parts of your nextcloud.log and/or your browser's JavaScript console here.

None needed

Is there a simple way to implement the generation of tokens in the web interface? IMHO it's easier for an admin to use this interface than using the command line interface.
Thank you,
Simon

Related to #176 php8 was introduced in v21. 7.x will continue to be supported for now. Thanks

I just updated to NC15 and got locked out of my Nextcloud instance without access to my backup codes:

After reading everything I could: I found this app, I tried to install via occ and got the same error as listed in another issue: "1067 Invalid default value for 'expires'". I followed your advice in that issue and issued the

ALTER TABLE oc_twofactor_admin_codes CHANGE COLUMN expires expires BIGINT UNSIGNED NOT NULL

command to my mariadb docker to allow me enable the app successfully however now I have a new issue:

When I issue the command "./occ twofactor:admin:generate-code USERNAME" I get the following error:

In AbstractMySQLDriver.php line 115:
  An exception occurred while executing 'INSERT INTO `oc_twofactor_admin_codes` (`user_id`, `code`, `expires`) VALUES(?, ?, ?)' with par
  ams ["USERNAME", "015463", 1544656964]:
  SQLSTATE[HY000]: General error: 1364 Field 'id' doesn't have a default value
In PDOStatement.php line 107:
  SQLSTATE[HY000]: General error: 1364 Field 'id' doesn't have a default value
In PDOStatement.php line 105:
  SQLSTATE[HY000]: General error: 1364 Field 'id' doesn't have a default value

Any help would be greatly appreciated as I am now locked out of my server

Hi,

first of all this app is awesome as it helps a lot. We all know that the "average user" does not want to get involved in technical stuff. All they want is, that things are working.

I installed the app today on our company DEV NC system and did some tests. I immediately noticed that there seems to be a problem with the newly created table in the database.

When issuing the command sudo -u apache php occ twofactorauth:admin:generate-code username I get an SQL error message as follows:

In AbstractMySQLDriver.php line 122:

  An exception occurred while executing 'INSERT INTO `oc_twofactor_admin_codes` (`user_id`, `code`, `expires`) VALUES(?, ?, ?)' with params ["username", "205369", 1559907659]:

  SQLSTATE[HY000]: General error: 1364 Field 'id' doesn't have a default value


In PDOStatement.php line 143:

  SQLSTATE[HY000]: General error: 1364 Field 'id' doesn't have a default value


In PDOStatement.php line 141:

  SQLSTATE[HY000]: General error: 1364 Field 'id' doesn't have a default value


twofactorauth:admin:generate-code <uid>

I went to check in the database and noticed that the error message is right, the field id does not have a default value nor an auto_increment (which wouldn't make any sense anyway)

What I did to fix this error message, I just added a default value of 0 to the field id in the database and could execute the above command without any further issues. Maybe this could be fixed in the next version.

Versions
Nextcloud: 16.0.1
2FA Admin: 0.3.0

Hello,
Would it be possible to follow instructions on:
https://docs.nextcloud.com/server/latest/developer_manual/basics/front-end/l10n.html
...and make your app more accessible for non-English speakers please?

Thanks :-)

Clarification question on Admin documentation for the Two Factor Admin App.
https://nextcloud-twofactor-admin.readthedocs.io/en/latest/Admin%20Documentation/

If the Two Factor Admin app is installed, is the option to reset a user available to an admin user (eg a user who is a member of the Admin group) via the regular web interface?

Or is the Two Factor Admin capability only usable via the occ commandline?
Thanks

On my NC24b3 instance running on Arch linux with PHP 8.1, upon occ app:enable twofactor_admin and despite of adding twofactor_admin to the app_install_overwrite array in config/config.php I cannot enable the app since this requirement cannot(?) be overruled:

cannot be installed because the following dependencies are not fulfilled:
PHP with a version lower than 8.0 is required.

This is due to appinfo/info.xml reading

<php min-version="7.2" max-version="8.0"/>
<nextcloud min-version="17" max-version="23"/>

Please change appinfo/info.xml to

<php min-version="7.3" max-version="8.1"/>
<nextcloud min-version="21" max-version="24"/>

according to the most recent app upgrade guide.

I'm not doing a PR since I cannot check or tell whether anything else must be changed (although I don't expect it). Manually changing appinfo/info.xml and enabling the app works fine for me with NC24 and PHP8.1.

Code generations throws this error:

$ sudo -u www-data php ./occ twofactorauth:admin:generate-code test

In AbstractMySQLDriver.php line 115:

  An exception occurred while executing 'INSERT INTO `oc_twofactor_admin_codes` (`user_id`, `code`, `expires`) VALUES(?, ?, ?)' with params ["test", "396811", 1541020156]:  
  SQLSTATE[HY000]: General error: 1364 Field 'id' doesn't have a default value                                                                                               
                                                                                                                                                                             
In PDOStatement.php line 107:
  SQLSTATE[HY000]: General error: 1364 Field 'id' doesn't have a default value  

In PDOStatement.php line 105:
  SQLSTATE[HY000]: General error: 1364 Field 'id' doesn't have a default value 

Database backend is mysql 5.7 (from ubuntu repository)

This Migration creates the table with autoincrement:
https://github.com/ChristophWurst/twofactor_admin/blob/stable0.1/lib/Migration/Version0Date20180907071626.php

But after this Migration, the autoincrement is missing:
https://github.com/ChristophWurst/twofactor_admin/blob/stable0.1/lib/Migration/Version1Date20180907092152.php

Hello there,

NC 20.06 claims there is no update available for this plugin.

@ChristophWurst
Is it really incompatible or can somebody please push an update?

Best
Tom

Please officially test and release for NC 23 :) Thanks!

Issue regarding generation of codes.
When I fill in a user I get the error: Could not generate a code: unknown error

This is the info I can give now, if you need more logs let me know.

Nextcloud log tells:

[index] Error: Doctrine\DBAL\Exception\NotNullConstraintViolationException: An exception occurred while executing 'INSERT INTO oc_twofactor_admin_codes (user_id, code, expires) VALUES(?, ?, ?)' with params ["*** REMOVED ***", "190884", 1585232958]:

SQLSTATE[HY000]: General error: 1364 Field 'id' doesn't have a default value at <>

0. /var/www/nextcloud/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/DBALException.php line 169
   Doctrine\DBAL\Driver\AbstractMySQLDriver->convertException("An exception oc ... e", Doctrine\DBAL\Dr ... ]})
1. /var/www/nextcloud/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/DBALException.php line 145
   Doctrine\DBAL\DBALException::wrapException(Doctrine\DBAL\Driver\PDOMySql\Driver {}, Doctrine\DBAL\Dr ... ]}, "An exception oc ... e")
2. /var/www/nextcloud/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Connection.php line 1063
   Doctrine\DBAL\DBALException::driverExceptionDuringQuery(Doctrine\DBAL\Driver\PDOMySql\Driver {}, Doctrine\DBAL\Dr ... ]}, "INSERT INTO `oc ... )", {1: "*** REMOVED ***",2: "190884",3: 1585232958})
3. /var/www/nextcloud/lib/private/DB/Connection.php line 220
   Doctrine\DBAL\Connection->executeUpdate("INSERT INTO `oc ... )", ["*** REMOVED ***","190884",1585232958], [2,2,2])
4. /var/www/nextcloud/3rdparty/doctrine/dbal/lib/Doctrine/DBAL/Query/QueryBuilder.php line 203
   OC\DB\Connection->executeUpdate("INSERT INTO `oc ... )", {dcValue1: "*** REMOVED *** ... 8}, {dcValue1: 2,dcValue2: 2,dcValue3: 2})
5. /var/www/nextcloud/lib/private/DB/QueryBuilder/QueryBuilder.php line 215
   Doctrine\DBAL\Query\QueryBuilder->execute()
6. /var/www/nextcloud/lib/public/AppFramework/Db/QBMapper.php line 126
   OC\DB\QueryBuilder\QueryBuilder->execute()
7. /var/www/nextcloud/apps/twofactor_admin/lib/Service/CodeStorage.php line 71
   OCP\AppFramework\Db\QBMapper->insert(OCA\TwoFactorAdmin\Db\Code {id: null})
8. /var/www/nextcloud/apps/twofactor_admin/lib/Controller/AdminCodeController.php line 96
   OCA\TwoFactorAdmin\Service\CodeStorage->generateCode(OC\User\User {})
9. /var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php line 170
   OCA\TwoFactorAdmin\Controller\AdminCodeController->create("*** REMOVED ***")
10. /var/www/nextcloud/lib/private/AppFramework/Http/Dispatcher.php line 99
    OC\AppFramework\Http\Dispatcher->executeController(OCA\TwoFactorAdm ... {}, "create")
11. /var/www/nextcloud/lib/private/AppFramework/App.php line 125
    OC\AppFramework\Http\Dispatcher->dispatch(OCA\TwoFactorAdm ... {}, "create")
12. /var/www/nextcloud/lib/private/AppFramework/Routing/RouteActionHandler.php line 47
    OC\AppFramework\App::main("OCA\TwoFactorA ... r", "create", OC\AppFramework\ ... {}, {_route: "twofac ... "})
13. <>
    OC\AppFramework\Routing\RouteActionHandler->__invoke({_route: "twofac ... "})
14. /var/www/nextcloud/lib/private/Route/Router.php line 299
    call_user_func(OC\AppFramework\ ... {}, {_route: "twofac ... "})
15. /var/www/nextcloud/lib/base.php line 1008
    OC\Route\Router->match("/apps/twofactor_admin/api/admin/code")
16. /var/www/nextcloud/index.php line 38
    OC::handleRequest()

POST /nextcloud/index.php/apps/twofactor_admin/api/admin/code

I managed to lock myself out after an update, because the 2FA-provider I was using on my admin account was not enabled after the update. Unfortunately, the whole procedure was very misleading, it said that I don't have 2FA enabled. However, it was enabled before the update, so I was a bit confused.

It would be great that this feature is a bit more user friendly, e.g.:

• a user without 2FA logs in, it just helps to configure a 2FA method right away
• if configured 2FA method for an admin is not available (as well as for all other admins), let the admin login anyway to get the Nextcloud running again. Or use a verification via mail.
• if you enforce 2FA, make sure the admin account already uses 2FA, if not this happens https://help.nextcloud.com/t/i-locked-myself-out/46170
• don't enforce 2FA after an update, if not all 2FA providers are available that were before

Hi @ChristophWurst

I tested the new version (0.4.1) yesterday by creating a one-time code via the web interface. The code generated fine and I could use this code to login as well.

Now when I try to login, it still gives me the option, to use a admin generated one-time code, despite there not being a code in the database. The table oc_twofactor_admin_codes is empty.

Reproduction steps:

I have three users; admin, user1 and user2

I logged in with the admin user to generate a one-time code for user1 - Now I used another browser to login with user1 and chose admin one-time code option and could login fine.

Now when I try to login with user1 it still comes up with the admin one-time code option whereas user2 doesn't have that option.

It looks like something got stuck somewhere for user1 and now it always offers that user to use a admin one-time code despite there is none.

What could this be?

Screenshot:

user1

user2

Nextcloud 14.0.4 docker image (official)
MariaDB docker image (official)

An exception occurred while executing 'ALTER TABLE oc_twofactor_admin_codes CHANGE expires expires BIGINT UNSIGNED DEFAULT NULL NOT NULL': SQLSTATE[42000]: Syntax error or access violation: 1067 Invalid default value for 'expires'

Could it be that "DEFAULT NULL NOT NULL" is the issue here?

MariaDB [nextcloud]> describe oc_twofactor_admin_codes;                                                                                                                           
+---------+---------------------+------+-----+---------+-------+                                                                                                                  
| Field   | Type                | Null | Key | Default | Extra |                                                                                                                  
+---------+---------------------+------+-----+---------+-------+                                                                                                                  
| id      | bigint(20) unsigned | NO   | PRI | NULL    |       |                                                                                                                  
| user_id | varchar(64)         | NO   | PRI | NULL    |       |                                                                                                                  
| code    | varchar(6)          | NO   |     | NULL    |       |                                                                                                                  
| expires | bigint(20) unsigned | YES  |     | NULL    |       |                                                                                                                  
+---------+---------------------+------+-----+---------+-------+                                                                                                                  
4 rows in set (0.002 sec)                                          

Originally posted by @Miesepies in #20 (comment)

Please add support. Thanks!

Updated from 20.0.4 and now it won't show up in the gui, and using occ gives a database error.

An exception occurred while executing 'SELECT COUNT(*) FROM oc_twofactor_a dmin_codes WHERE user_id = ?' with params ["xxxxxxx": ] SQLSTATE[42S02: Base table or view not found: 1146 Table 'nextcloud.oc_two ] factor_admin_codes' doesn't exist In PDOStatement.php line 129: SQLSTATE[42S02: Base table or view not found: 1146 Table 'nextcloud.oc_two ] factor_admin_codes' doesn't exist In PDOStatement.php line 127: SQLSTATE[42S02: Base table or view not found: 1146 Table 'nextcloud.oc_two ] factor_admin_codes' doesn't exist

Hello,

I generated an one-time-admin-code, but when i want to login with this code, there is no chance to use it. I can only use TOTP (Authenticator app) and backup-codes, but only when backup-codes were generated.
In oc_twofactor_providers there is activated admin, totp and for some useres also backup_codes. And in oc_twofactor_admin_code I can find the generated code for this user.
I can reproduce this problem with diffrent users.

What could this be?
Thank you.

Hi,

I use this app for a long time now, but today I realized that the installed version is "0.2.1" and Nextcloud 26.0.4 says "This app is up to date". If I disable and remove the app, it's only possible to install the 0.2.1-version. In config.php was an exclusion for updating the twofactor_admin-app (via app_install_overwrite), I removed it, restarted - but no changes, I'm unallowed to download the current version 4.2.0.
Any ideas?

Thanks in advance

Hi
When looking at Two Factor Admin, I came to this page in the NextCloud appstore
https://apps.nextcloud.com/apps/twofactor_admin

There are various links at bottom of the page including one
Label: Ask questions or discuss
Link: https://help.nextcloud.com/c/apps/twofactor-admin

However if you take that link you get an error message:-
Oops! That page doesn’t exist or is private.

(So someone with a question, like me, ends up using this Issues channel for questions).

Hi

I get this error on install:
App "Two-Factor Admin Support" cannot be installed because the following dependencies are not fulfilled: Following databases are supported: sqlite, mysql
However I have installed mysql-server via apt. I could not find any more details about the installation for this App. Do I somewhere enter mysql details in a config file? Do I have to create a Database for it?

Clarification question on Admin documentation
https://nextcloud-twofactor-admin.readthedocs.io/en/latest/Admin%20Documentation/

If the Two Factor Admin app is installed, is the option to reset a user available to an admin user (eg a user who is a member of the Admin group) via the regular web interface?

Or is the Two Factor Admin capability only usable via the commandline?
Thanks

Hello,

We have been using this solution a lot in order to enforce 2FA. But almost 50% of the times (mostly when we create new accounts) the one-time code doesnt work. The error that gets returned reads as follows:

“Error while validating your second factor”

I have been creating new test accounts and immediately logged into them to find its working, but it's not working for other users sometimes. (When they report, I log in with their account and use the code I gave them, and it doesn't work until I make a new one)

Please have a look at this.

Seems it was disabled because of #20 in 78e8250 but it should be fine now.

Hi, when I try to enable this app, I get the following error:
SQLSTATE[42704]: Undefined object: 7 ERROR: index "primary" does not exist

My database back-end is postgres.

Hello,
this is a great App an since we´ve enabled 2FA we use it regular.
Is there a possibility to add a function to allow a certain group, who are not admins, to generate codes via the WebUI?
We are a Nextcloud enterprise customer and search for a solution to let our ServiceDesk generate Admin Codes.
Thanks a lot!

I deployed nextcloud as a docker image from Truenas scale, enabled 2fa but when i try to install this admin module i get:

App "Two-Factor Admin Support" cannot be installed because the following dependencies are not fulfilled: The following databases are supported: sqlite, mysql

Since i cannot pick the DB type due it being picked for me, can we get Postgres support added, this should be easy as its not much different from MySql