New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
4.2 - MultiFactor GMP/bcmath requirement locks users out of site #38485
Comments
Thank you for NOT reporting this three months ago when I had abandoned my business for a whole month to contribute this feature and for just whining instead of proposing a code solution. Yes of course I will cancel the first vacation I had tried to take in three years to write code for the issues you are filing three months too late, playing all high and mighty, when the reality is that you COULD have contributed three months ago but couldn't be arsed. Thank you for nothing, Phil. |
@PhilETaylor thanks for reporting, @nikosdion enjoy your vacation. Maintenance will look at it. |
@PhilETaylor Oh come on, Phil! I am replying to your issue on the same tone this issue and all your other issues the last 10 hours are written. Funny you don't like others treating you the same way you treat them, huh? Count how many times you use the word "fiasco" in your issues the last 9 hours. Count how many personal attacks you have made. Even here you are spreading FUD by making what you know is a FALSE CLAIM you are "forever locked out" of your Joomla account. The only thing you achieve with this kind of false and unfair comments is undoing ten years of trying to educate users on account security and give them the tools to protect their sites. Please talk to people the same way you want them to talk to you. In any case, I am going to write code to fix this. @rdeutz thanks for the offer but I am not one to throw code over the wall and call it a day. |
@rdeutz Please assign this issue to me |
@nikosdion ok, done. |
Pull request #38488. Please test. |
@PhilETaylor Okay, let's take a deep breath. As one neurodivergent person to another: the way we perceive others' words and the way we perceive how our words might affect others are not always in line with how most people do. Let's stop bickering and start working together. In the end of the day and regardless of the words we exchanged we both want to help Joomla succeed. I am sorry for misunderstanding the tone of your voice and do understand that you also read more to my reply than I said. While I am disappointed that you didn't test in May — yet you are right that I cannot and I will not dictate how you use your own time — I was also being factual, not snarky, saying that I am cutting my vacation short (at least for today) to help fix what is broken in the code I contributed. I feel responsibility for my code. So let's stop bickering and work together. Thank you. |
Steps to reproduce the issue
Install Joomla 4.2.0 on a server without GMP and bcmath PHP Extensions
Login to Joomla Admin and Enable Multi Auth using an
Web Authentication
(Touch ID on Mac)Joomla allows this, and secures your account.
Logout
Attempt to login again
Expected result
Expect to be prevented from locking myself and users, out of their accounts
Expect not to be able to SET UP and LOCK an account if the server then cannot authenticate that multi-auth authenticator due to server requirements not being met.
Actual result
Im now forever locked out of my account because I was allowed to enable multi-auth but my server doesn't have GMP or bcmath extensions and so I cannot login on the captive login page
The text was updated successfully, but these errors were encountered: