[#43796] - [5.2] MFA and Silent Logins
- Fixed in Code Base
- 11 Sep 2024
- Medium
- Build: 5.1-dev
- # 43796
- Diff
- leeroy1821:patch-42308
- Pending continuous-integration/drone/pr Build is pending Details
User tests: Successful: Unsuccessful:
Pull Request for Issue #42308 .
Replaces #43790
Summary of Changes
Update \Joomla\Plugin\System\Webauthn\PluginTraits\AjaxHandlerLogin. Fix loading user plugins (broken because maybe a b/c break?). Fix wrong events constructors (missing subject, wrong argument order). Fix triggering events (wrong event name passed).
Testing Instructions
- Create user with MFA and passkey login
- Users, Manage, Options, Multi-factor Authentication, Multi-factor Authentication after silent login => No.
- Log out
- Log in with passkey
Actual result BEFORE applying this Pull Request
Joomla! asks for MFA
Expected result AFTER applying this Pull Request
Joomla does not ask for MFA
Link to documentations
Please select:
-
Documentation link for docs.joomla.org:
-
No documentation changes for docs.joomla.org needed
-
Pull Request link for manual.joomla.org:
-
No documentation changes for manual.joomla.org needed
Votes
| Status | New | ⇒ | Pending |
joomla-cms-bot
- | Category | ⇒ | Front End Plugins |
I have tested the code on our test site (J5.1.2) and this fixed the issue. I can login with the passkey, without also needing to use the 2FA token of my security key. Also, the login without the passkey (normal account login + required 2FA token) still works as expected. Excellent! I hope to see this fix in the next Joomla release.
Thanks @leeroy1821
@jjnxpct Please go to the issue tracker here https://issues.joomla.org/tracker/joomla-cms/43796 and use the blue "Test this" button at the top left corner, select your test result and submit. Otherwise your test will not be counted. A PR needs 2 successful human tests to get accepted.
I have tested this item ✅ successfully on 7092ecc
I have tested the code on our test site (J5.1.2) and this fixed the issue. I can login with the passkey, without also needing to use the 2FA token of my security key. Also, the login without the passkey (normal account login + required 2FA token) still works as expected. Excellent! I hope to see this fix in the next Joomla release.
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/43796.
I have tested this item ✅ successfully on 7092ecc
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/43796.
| Status | Pending | ⇒ | Ready to Commit |
| Labels |
Added:
bug
PR-5.1-dev
|
||
RTC
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/43796.
| Labels |
Added:
RTC
|
||
| Title |
|
||||||
I have tested this item ✅ successfully on 9365fa0
This comment was created with the J!Tracker Application at issues.joomla.org/tracker/joomla-cms/43796.
| Title |
|
||||||
| Labels |
Added:
PR-5.2-dev
|
||
| Labels |
Removed:
PR-5.1-dev
|
||
Thank you for your contribution @leeroy1821!
| Status | Ready to Commit | ⇒ | Fixed in Code Base |
| Closed_Date | 0000-00-00 00:00:00 | ⇒ | 2024-09-11 21:35:12 |
| Closed_By | ⇒ | Hackwar |
I have tested the code on our test site (J5.1.2) and this fixed the issue. I can login with the passkey, without also needing to use the 2FA token of my security key. Also, the login without the passkey (normal account login + required 2FA token) still works as expected. Excellent! I hope to see this fix in the next Joomla release.
Thanks @leeroy1821