Vote #81866
未完了Can't login in after upgrading to rev. 21486
0%
説明
Hello,
I previously enabled 2fa with Google Authenticator and it worked smoothly.
After upgrading to rev.21486 I can no longer log in with the ga generated code.
The error message is "Invalid or outdated code".
How can I get rid of this?
Is there a way to disable 2fa without logging into Redmine?
thanks.
journals
I cannot reproduce the issue for now.
You can forcefully disable two-factor authentication if you can access the console of your Redmine server. Please follow the steps below:
Go go the installation directory of Redmine and start a Rails console.
<pre>
cd path/to/redmine
bin/rails c -e production
</pre>
Enter the following lines in the Rails console. The example below disables two-factor authentication for the user 'jsmith'.
<pre>
user = User.find_by(login: 'jsmith')
require 'redmine/twofa/base'
twofa = Redmine::Twofa::Base.new(user)
twofa.destroy_pairing_without_verify!
exit
</pre>
--------------------------------------------------------------------------------
Hello,
The code snippet works.
After disabling 2fa authentication for my account, it ask me to set it up again.
(I enabled this option for administrators when I tried to translate label_required_administrators, see #36606).
After I scanned the QR code in Google Authenticator and enter code shown in GA, it won't accept the code.
So, it seems that I need to disable this setting too.
Thanks in advance.
!2022-03-21_20-22-07.png!
--------------------------------------------------------------------------------
Hi,
I figured it out.
$ mysql -u myredmineuser -p
Enter password: myredminepassword
MariaDB [(none)]> use redmine
MariaDB [redmine]> update settings set value = 0 where name = 'twofa';
I can login to my Redmine site again. :)
It is very strange that the 2fa setting page won't accept any code from Google Authenticator & Authy.
--------------------------------------------------------------------------------
ChunChang Lo wrote:
> It is very strange that the 2fa setting page won't accept any code from Google Authenticator & Authy.
Are the clocks of your devices correct?
--------------------------------------------------------------------------------
Go MAEDA wrote:
> Are the clocks of your devices correct?
yes, the system time (iphone & pc) is the same. (ntp to the same timezone, Taipei UTC+8).
just tried again, and both google authenticator & authy are failed (the 2fa settings page doesn't accept codes from the app).
the error message is the same as '2022-03-21_20-22-07.png'.
BTW, the redmine server uses UTC & all admin accounts uses Taipei UTC+8 in the account's preferences.
--------------------------------------------------------------------------------
Strangely, 2fa can be enabled again after updating to rev.21497.
!2022-03-24_11-28-40.png!
--------------------------------------------------------------------------------
表示するデータがありません