@zipus opened this Issue on March 15th 2022

When I disable 2FA for my admin user I receive the following traceback:

/var/www/html # ./console twofactorauth:disable-2fa-for-user --login="zipus"
ERROR [2022-03-15 21:05:07] 71157  Uncaught exception in API: /var/www/html/core/API/Proxy.php(436): Please specify a value for 'passwordConfirmation'. [Query: , CLI mode: 1]
ERROR [2022-03-15 21:05:07] 71157  Uncaught exception: /var/www/html/core/API/Proxy.php(436): Please specify a value for 'passwordConfirmation'. [Query: , CLI mode: 1]

  [Exception]                                         
  Please specify a value for 'passwordConfirmation'.  

twofactorauth:disable-2fa-for-user [--login="..."]

/var/www/html # 

It's running from

  • Matomo Version: 4.4.1
  • Image: matomo:fpm-alpine
  • Server Operating System: Linux with Docker

@sgiehl commented on March 16th 2022 Member

Hi @zipus. Thanks for creating this issue. I was able to reproduce that using the latest version. It seems the command for disabling 2FA for a user is currently broken.
The problem seems to be this code:
https://github.com/matomo-org/matomo/blob/284bdc0816dd2eff4010e4be42812ff3cc7e25e1/plugins/TwoFactorAuth/Commands/Disable2FAForUser.php#L31-L33
As the API requires a password confirmation, this can't work. We could possibly use this instead:

StaticContainer::get(TwoFactorAuthentication::class)->disable2FAforUser($login);

@MeiKatz commented on April 14th 2022

Is there currently any workaround? Maybe by setting / deleting some values in the database?

@sgiehl commented on April 14th 2022 Member

@MeiKatz clearing the twofactor_secret column in the matomo_user table for the specific user should do the trick, I guess.

This Issue was closed on May 2nd 2022