You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
we've decided to force 2fa for all the syspass users in the company. Some users, however, started complaining that they cannot enable 2fa in the profile settings. They toggle the switch, scan the QR code and write down the verification code. After hitting save, they get the green bar "preferences saved" but 2fa gets immediatelly disabled again and a new QR code is displayed.
I have tracked the problem down to a DB schema deficiency. The column plugin_data under the table plugins is defined as VARBINARY(5000). Since each user settings consumes about 600B (recovery codes take a lot), after about 8-10 users one hits the column size limit and all successive MySQL save queries start to fail. The problem is even more anoying since if the query fails, the exception is turned into false return in savePluginUserData and the user only gets one green bar instead of two (but no error message). So he/she is unaware of the saving problem. The solution at the moment was to update the column definition to VARBINARY(32768) but this is only a short-term solution. As the number of users can grow to hundreds, this storage schema will not scale (since VARBINARY is capped to 65k, I believe).
sidenote: Why is there a use2fa field under the usrData table which is always set to 0 when there is a complete settings under plugins?
Best regards,
David Fabian
The text was updated successfully, but these errors were encountered:
sidenote: Why is there a use2fa field under the usrData table which is always set to 0 when there is a complete settings under plugins?
A time ago, this plugin/feature was included within sysPass code, so there were some shared data that were stored in several tables. Currently, every plugin must contain its own data model and store it in the same table.
Hello,
we've decided to force 2fa for all the syspass users in the company. Some users, however, started complaining that they cannot enable 2fa in the profile settings. They toggle the switch, scan the QR code and write down the verification code. After hitting save, they get the green bar "preferences saved" but 2fa gets immediatelly disabled again and a new QR code is displayed.
I have tracked the problem down to a DB schema deficiency. The column
plugin_data
under the tableplugins
is defined asVARBINARY(5000)
. Since each user settings consumes about 600B (recovery codes take a lot), after about 8-10 users one hits the column size limit and all successive MySQL save queries start to fail. The problem is even more anoying since if the query fails, the exception is turned intofalse
return insavePluginUserData
and the user only gets one green bar instead of two (but no error message). So he/she is unaware of the saving problem. The solution at the moment was to update the column definition toVARBINARY(32768)
but this is only a short-term solution. As the number of users can grow to hundreds, this storage schema will not scale (since VARBINARY is capped to 65k, I believe).sidenote: Why is there a
use2fa
field under theusrData
table which is always set to 0 when there is a complete settings underplugins
?Best regards,
David Fabian
The text was updated successfully, but these errors were encountered: