magento2-module-disabletwofactorauth icon indicating copy to clipboard operation
magento2-module-disabletwofactorauth copied to clipboard

Published 20 hours ago verified publisher icon markshust

Does not patch rest api

Open Vindfrisk opened this issue 4 years ago • 13 comments

Not sure if you intended to also patch this? Anyhow you cant create REST tokens because of 2fa limitation. See response below.

{
    "message": "Please ask an administrator with sufficient access to configure 2FA first",
    "trace": "#0 [internal function]: Magento\\TwoFactorAuth\\Model\\AdminAccessTokenService->createAdminAccessToken()\n#1 /var/www/magento2/vendor/magento/module-webapi/Controller/Rest/SynchronousRequestProcessor.php(95): call_user_func_array()\n#2 /var/www/magento2/vendor/magento/module-webapi/Controller/Rest.php(188): Magento\\Webapi\\Controller\\Rest\\SynchronousRequestProcessor->process()\n#3 /var/www/magento2/vendor/magento/framework/Interception/Interceptor.php(58): Magento\\Webapi\\Controller\\Rest->dispatch()\n#4 /var/www/magento2/vendor/magento/framework/Interception/Interceptor.php(138): Magento\\Webapi\\Controller\\Rest\\Interceptor->___callParent()\n#5 /var/www/magento2/vendor/magento/framework/Interception/Interceptor.php(153): Magento\\Webapi\\Controller\\Rest\\Interceptor->Magento\\Framework\\Interception\\{closure}()\n#6 /var/www/magento2/generated/code/Magento/Webapi/Controller/Rest/Interceptor.php(26): Magento\\Webapi\\Controller\\Rest\\Interceptor->___callPlugins()\n#7 /var/www/magento2/vendor/magento/framework/App/Http.php(116): Magento\\Webapi\\Controller\\Rest\\Interceptor->dispatch()\n#8 /var/www/magento2/generated/code/Magento/Framework/App/Http/Interceptor.php(24): Magento\\Framework\\App\\Http->launch()\n#9 /var/www/magento2/vendor/magento/framework/App/Bootstrap.php(263): Magento\\Framework\\App\\Http\\Interceptor->launch()\n#10 /var/www/magento2/pub/index.php(40): Magento\\Framework\\App\\Bootstrap->run()\n#11 {main}"
}

Vindfrisk avatar Aug 18 '20 19:08 Vindfrisk

Thanks for the issue report @Vindfrisk. Yes, I'll keep this issue open and will take any PR's that make this work. I would think this module should disable any functionality of 2FA no matter where it is.

markshust avatar Aug 26 '20 14:08 markshust

@markshust @Vindfrisk do you guyz have any luck with it ? If not then i can create the patch and submit PR for it ?

zeeshan2523806 avatar Nov 09 '20 06:11 zeeshan2523806

Just left a comment on the commit that just came in a few hours ago. Once I can test this and verify code is working, I can bring this in.

markshust avatar Nov 10 '20 14:11 markshust

We are having the same issue. Any update on this?

simonmaass avatar Jan 11 '21 17:01 simonmaass

Hi @simonmaass -- this is my first day back from a little break. I'll be spending the next couple weeks on open source stuff, so will be testing this out and merging it in shortly (hopefully within the next few hours).

markshust avatar Jan 11 '21 18:01 markshust

Issue confirmed on 2.4.1. Testing out PR/commit.

markshust avatar Jan 11 '21 21:01 markshust

Merged this PR, and also made some styling/coding updates on the other files to keep things consistent with the coding recommendations I made. Tagged as version 1.1.0.

markshust avatar Jan 12 '21 14:01 markshust

@markshust thank you for the fast implementation!

simonmaass avatar Jan 12 '21 14:01 simonmaass

@markshust If I try to enable it for the API i get the following error:

image

simonmaass avatar Jan 14 '21 11:01 simonmaass

Got the same error, but just putting twofactorauth/general/enable_for_api_token_generation with value 0 into core_config_data seems to work.

royduin avatar Jul 12 '22 08:07 royduin

Thanks for this report & info @royduin -- I'll re-open this ticket so we can fix this.

markshust avatar Jul 19 '22 16:07 markshust