Come together with the global Drupal community in Rotterdam, 28 Sept – 1 Oct 2026. Sessions, contribution, connection, and Early Bird savings until 8 June.Problem/Motivation
I configured this module with SMS (Twilio) validation and Recovery codes + Help page fallbacks + Force TFA module for only one role.
Then the customer decided to drop the Recovery code as it considered confusing for it's users.
Result:
- roles with TFA can log in normally.
- roles without TFA are redirected to system/tfa/%user/%hash which is empty (instead of simply logging in)
Steps to reproduce
Remaining tasks
Find out the reason why - create fix.
My assumption is that having no validate plugin (or only Help page) fails a condition to skip TFA.
| Comment | File | Size | Author |
|---|---|---|---|
| screenshot-kerknet.docker.localhost_81-2021.09.20-11_55_34.png | 70.38 KB | reszli |
Comments