Using TFA 2.0-beta3 and TFA Basic Plugins 1.0-dev, I get a blank maintenance mode screen after i enter my user name and password, when I should have been offered to enter the TFA code. The TFA configuration is set to be optional, so I can actually (succesfully) log in with other accounts that dont have TFA enabled, but not with accounts that have TFA TOTP enabled.

Once I use another admin to put the site out of maintenance mode, and then change the cookie session back to the user having TFA problems, I just need to refresh that page (I am _not_ prompted to enter the login credentials again (good)) to get it to display as expected. Then I get to enter the TFA code and successfully log in.

Unsure if this is related to TFA or TFA Basic plugins.

CommentFileSizeAuthor
#5 allow-to-use-tfa-in-maintenance-mode-2694723-5.patch785 bytesrickj
#3 allow-to-use-tfa-in-maintenance-mode-2694723-3.patch785 bytesnullkernel
#3 interdiff_2-3.txt886 bytesnullkernel
#2 allow-to-use-tfa-in-maintenance-mode-2694723-2.patch1.16 KBjunaidpv

Comments

Leeteq created an issue. See original summary.

junaidpv’s picture

junaidpv
Location Kannur, Kerala
commented
Version: 7.x-2.0-beta3 » 7.x-2.x-dev
Status: Active » Needs review
StatusFileSize
new allow-to-use-tfa-in-maintenance-mode-2694723-2.patch1.16 KB

We also facing this issue. So, I worked on and prepared a patch to fix this. Here is the patch.

It brings a permission "Use TFA in maintenance mode", roles having this permission can use TFA in maintenance mode.

nullkernel’s picture

nullkernel commented
StatusFileSize
new interdiff_2-3.txt886 bytes
new allow-to-use-tfa-in-maintenance-mode-2694723-3.patch785 bytes

Thanks for the patch. It worked for me. I'd say RTBC except that I believe the newly defined permission seems redundant, so I'm attaching an updated patch for review.

Drupal core defines a permission "Use the site in maintenance mode". I think that this permission should be reused, rather than a new one defined. I generally like customizability, but in this case I think:

  1. Using the core permission is simpler.
  2. Site admins won't need to update their role permissions to benefit from this improvement if we use the core permission.
  3. I can't think of a use case where you would want a role to have one permission but not the other.

I'm attaching an updated patch and interdiff.

jonas139’s picture

jonas139 commented

I was having the same problem but the patch did the trick!
Thanks guys!
+1

rickj’s picture

rickj commented
Status: Needs review » Reviewed & tested by the community
StatusFileSize
new allow-to-use-tfa-in-maintenance-mode-2694723-5.patch785 bytes

I've just tripped over this. My site is set up with TFA mandatory for all admin accounts, and I got locked out due to a backup cron job hanging. I had to hack index.php to get back in - real pain!

I've updated the patch to match the latest release (line-number change), and marked RTBC. Could this be committed please?

francewhoa’s picture

francewhoa
he/him
Primary language French
Location Sept-Îles, Québec, 🇨🇦
commented

This is to confirm that RickJ's patch resolves this challenge

Thanks to all contributors for resolving this

Could this patch be committed, please?

francewhoa’s picture

francewhoa
he/him
Primary language French
Location Sept-Îles, Québec, 🇨🇦
commented

For those facing this challenge, the steps below allows you to temporarily log in your Drupal without any patch and without hacking Drupal:

Steps:

  1. Using any file manager to your liking, temporarily move the tfa folder outside Drupal. For example:
    • From: /home/<VIRTUAL.SERVER>/public_html/sites/all/modules/contrib/tfa
    • To: /home/<VIRTUAL.SERVER>/temporary/tfa
  2. Using your any internet navigator to your liking, such as Firefox, go to https://<WEBSITE>/user
  3. Log-in
  4. Move the tfa folder back to: /home/<VIRTUAL.SERVER>/public_html/sites/all/modules/contrib/tfa
  5. You are now successfully still log-in your Drupal

Keep in mind that, in the future, after you log out, the challenge will be back. For a permanent resolution, you need to apply the appropriate patch above.

  • poker10 committed 9277c1a2 on 7.x-2.x authored by nullkernel 
    Issue #2694723 by nullkernel, junaidpv, Leeteq: Maintenance mode blocks...
poker10’s picture

poker10 commented
Status: Reviewed & tested by the community » Fixed

Committed this, thanks everyone who contributed!

Status: Fixed » Closed (fixed)

Automatically closed - issue fixed for 2 weeks with no activity.