[FreddysHouse] Two-factor Authentication 1.3.3

[XxUnkn0wnxX]

OK, so I've been able to get this working now.

You need to edit the template:

login_enter_twofactor

Change:

        <dl class="ctrlUnit submitUnit">
            <dt></dt>
            <dd>
                <input type="submit" class="button primary" value="{xen:phrase log_in}" />
                <a href="{xen:link lost-twofactor/lost, '', 'username_email={$login}'}" class="OverlayTrigger OverlayCloser">{xen:phrase lost_twofactor_device}</a>
            </dd>
        </dl>

to

        <dl class="ctrlUnit submitUnit">
            <dt></dt>
            <dd>
                <input type="submit" class="button primary" value="{xen:phrase log_in}" />
                <a href="{xen:link lost-twofactor/lost, '', 'username_email={$passThru.login}'}" class="OverlayTrigger OverlayCloser">{xen:phrase lost_twofactor_device}</a>
            </dd>
        </dl>

This then passed the login username to the URL to generate the e-mail.

ur a life saver thank you! - now need to edit all my themes - this patch needs to be apart of update

 

[CypherHackz]

Hello,

I just installed this addon. I test the addon and check whether the "Lost your two-factor device?" is working or not. When I click the link, it shows me this error message:

The following error occurred:
The requested member could not be found.

May I know why? I'm using Google Authenticator btw.

-cypher.

 

[MattW]

Hello,

I just installed this addon. I test the addon and check whether the "Lost your two-factor device?" is working or not. When I click the link, it shows me this error message:



May I know why? I'm using Google Authenticator btw.

-cypher.

Check about 3 posts previous. I posted the fix for the template error

 

[XxUnkn0wnxX]

i recently installed this: http://xenforo.com/community/resour...ollection-anti-spam-complete-collection.1469/
TAC(Tenants Anti-Spam Collection) - Anti-Spam Complete Collection

and since then i have been getting these errors:

ErrorException: Fatal Error: Call to undefined method FreddysHouse_TwoFactor_Model_User::getUsersSM() - library/SortMem/ControllerPublic/Member.php:140
Generated By: abj9999, Today at 1:03 AM
Stack Trace

#0 [internal function]: XenForo_Application::handleFatalError()
#1 {main}

Request State

array(3) {
  ["url"] => string(40) "http://portalcentric.net/forums/members/"
  ["_GET"] => array(0) {
  }
  ["_POST"] => array(0) {
  }
}

 

[MattW]

What is the SortMem add-on, as that is the directory where the file that is reporting the error is coming from?

EDIT: I have the full TAC add-on installed, and don't have any errors with that or the two factor add-on.

 

[XxUnkn0wnxX]

What is the SortMem add-on, as that is the directory where the file that is reporting the error is coming from?

EDIT: I have the full TAC add-on installed, and don't have any errors with that or the two factor add-on.

my bad its actually this add one:
[RAID101.com] Member List Manager http://xenforo.com/community/resources/raid101-com-member-list-manager.1421/

not sure why it started playing up used to work fine with it

but any way i would like it to work with it... and any/all modules for that add one: http://xenforo.com/community/resources/authors/moz.18480/

 

[XxUnkn0wnxX]

this error is starting to get really annoying:

 

[XxUnkn0wnxX]

well i traced the error to Member.php file i found:

<?php
class SortMem_ControllerPublic_Member extends XFCP_SortMem_ControllerPublic_Member
{
    public function actionIndex()
    {      
        $options = Xenforo_Application::get('options');
        $visitor = XenForo_Visitor::getInstance();
        $userModel = $this->_getUserModel();
        $usergroups = XenForo_Model::create('SortMem_Model_UserGroups');
        $sortables = Xenforo_Application::getSimpleCacheData('sort_mem_sortables');
      
        $userId = $this->_input->filterSingle('user_id', XenForo_Input::UINT);
        $ordermem = $this->_request->getParam('sort');
        $directmem = $this->_request->getParam('dir');
        $userfilter = array();
        $userfilter = $this->_request->getParam('userfilter');
        $defaultOrder = $options->sort_default_order;
        $defaultDir = $options->sort_default_direct;
        $canUseFilter = $visitor->hasPermission('general', 'CanFilterUsersSortMem');
      
        if ($userId)
        {
            return $this->responseReroute('XenForo_ControllerPublic_Member','member');
        }
        else if ($this->_input->inRequest('user_id'))
        {
            return $this->responseError(new XenForo_Phrase('posted_by_guest_no_profile'));
        }

        $username = $this->_input->filterSingle('username', XenForo_Input::STRING);
        if ($username !== '')
        {
            $user = $userModel->getUserByName($username);
            if ($user)
            {
                return $this->responseRedirect(
                    XenForo_ControllerResponse_Redirect::SUCCESS,
                    XenForo_Link::buildPublicLink('members', $user)
                );
            }
            else
            {
                $userNotFound = true;
            }
        }
        else
        {
            $userNotFound = false;
        }

        $page = $this->_input->filterSingle('page', XenForo_Input::UINT);
        $usersPerPage = XenForo_Application::get('options')->membersPerPage;
      
        $criteria = array(
                'user_state' => 'valid',
                'is_banned' => 0
            );
      
        $canUseSortCriteria = 0;
        foreach ($sortables AS &$sortcriteria){
            $sortcriteria['sort_phrase'] = new XenForo_Phrase($sortcriteria['sort_phrase']);
            $sortcriteria['show_phrase'] = new XenForo_Phrase($sortcriteria['show_phrase']);
            if(($ordermem == $sortcriteria['title']) && $sortcriteria['enable_sort'])
                $canUseSortCriteria = 1;
            $sortcriteria['column'] = explode('.', $sortcriteria['sort_column']);
        }
        if(!$canUseSortCriteria)
            $ordermem = '';
          
        if (($visitor->get('is_admin') && $options->sort_view_admin) OR ($visitor->get('is_moderator') && $options->sort_view_mod))
        {
            $groups = ($usergroups);
          
            if($userfilter)
                $groupscrit = $userfilter;
            else
                $groupscrit = '';
        }
        else
        {
            if($options->sort_filter_banned == 1)
            {
                $criteria['is_banned'] = 1;
            }
          
            if($options->SortMem_usergroups_user && $options->SortMem_usergroups)
                $groupschoose = array_intersect($options->SortMem_usergroups_user,$options->SortMem_usergroups);
            else
                $groupschoose = $options->SortMem_usergroups_user;          
          
            if($groupschoose)
                $groups = ($usergroups->get_user_groups($userfilter,$groupschoose));
            else
                $groups = array();
          
            if($userfilter && $canUseFilter)
                $groupscrit = array_intersect($userfilter,$options->SortMem_usergroups_user);
            else
                $groupscrit = $options->SortMem_usergroups;
          
          
          
            if (!$groupscrit)
                $groupscrit = $options->SortMem_usergroups;
              
            if($options->sort_filter_admins == 1)
            {
                $criteria['is_admin'] = 0;
            }
          
            if($options->sort_filter_mods == 1)
            {
                $criteria['is_moderator'] = 0;
            }
        }

        $criteria['user_group_id'] = $groupscrit;

        $criteria['secondary_group_ids'] = $groupscrit;
      
        if(!$ordermem && !$directmem){
            foreach ($sortables AS &$sortcriteria){
                if ($sortcriteria['is_default']){
                    $ordermem =  $sortcriteria['title'];
                    $directmem = $sortcriteria['default_order'];
                }
            }
          
        }
        elseif(!$directmem){
            foreach ($sortables AS &$sortcriteria){
                if ($sortcriteria['title'] == $ordermem){
                    $directmem = $sortcriteria['default_order'];
                }
            }
          
        }
              
        // users for the member list
        $users = $userModel->getUsersSM($criteria, array(
            'join' => XenForo_Model_User::FETCH_USER_FULL,
            'perPage' => $usersPerPage,
            'page' => $page,
            'order' => $ordermem,
            'direction' => $directmem
        ));

        // most recent registrations
        $latestUsers = $userModel->getLatestUsersSM($criteria, array('limit' => $options->sort_mlu));

        // most active users (highest post count)
        $activeUsers = $userModel->getMostActiveUsersSM($criteria, array('limit' => $options->sort_mau));
      
        $pageNavParams['sort'] = $ordermem;
        $pageNavParams['dir'] = $directmem;
        $pageNavParams['userfilter'] = $userfilter;
      
        $viewParams = array(
            'users' => $users,

            'totalUsers' => $userModel->countUsersSM($criteria),
            'page' => $page,
            'usersPerPage' => $usersPerPage,
            'ordermem' => $ordermem,
            'directmem' => $directmem,
            'pageNavParams' => $pageNavParams,

            'latestUsers' => $latestUsers,
            'activeUsers' => $activeUsers,

            'userNotFound' => $userNotFound,
            'groups' => $groups,
            'userfilter' => $userfilter,
            'canUseFilter' => $canUseFilter,
            'sortables' => $sortables
        );

        return $this->responseView('XenForo_ViewPublic_Member_List', 'member_list', $viewParams);
    }
  
    protected function _getUserModel()
    {
        return $this->getModelFromCache('XenForo_Model_User');
    }
}

where:
// users for the member list
$users = $userModel->getUsersSM($criteria, array(
'join' => XenForo_Model_User::FETCH_USER_FULL,
'perPage' => $usersPerPage,
'page' => $page,
'order' => $ordermem,
'direction' => $directmem

the error occurs more specifically $users = $userModel->getUsersSM($criteria, array(
line

i am no xenforo coder but the error lies in here not sure how to fix it though.

please help me fix this, many thanks appreciated if you can help.

+ would be nice if i knew how xenforo code works, maybe so i can learn and fix such problems in the future or how to fully understand the error logs would be great.

 

[SheepCow]

SheepCow updated [FreddysHouse] Two-factor Authentication with a new update entry:

PHP 5.5 compatibility update

This is a minor update that brings compatibility with PHP 5.5. The only change is that cURL's multi-perform has been removed so it will try each server in turn.

You do not need to upgrade if the add-on is working on your site.

Read the rest of this update entry...

 

[Mouth]

Can 2-factor be mandated/required for certain users or usergroups? Eg. Can I set it so that my moderator and admin usergroups all require 2-factor to be activated (and remain active) before they can next logon? Thanks.

 

[rdn]

Does this addon support second auth via sms?

 

[XxUnkn0wnxX]

what what is this error:

Fatal error: Call to undefined method FreddysHouse_TwoFactor_Model_User::getUsersSM() in /home/unkn0wn/public_html/forums/library/SortMem/ControllerPublic/Member.php on line 140

i get this when i go to the members page

 

[erich37]

question please:

when using "Google's Authenticator app"...... can Google itself grab my Login-data ?

 

[sonnb]

question please:

when using "Google's Authenticator app"...... can Google itself grab my Login-data ?

Never. You are misunderstanding the way this app works. It is just a key.

 

[SheepCow]

question please:

when using "Google's Authenticator app"...... can Google itself grab my Login-data ?

Nothing ever goes anywhere near Google. In reality it should be called "Time-based One-time Passwords" but that's not as catchy and the Google Authenticator was the main app on the market that implemented the algorithm (it's RFC 6238). Have a read on Wikipedia, but essentially it works like this:

1. When adding the authenticator to the account the add-on generates a random code (let's call that the secret key, K).
2. K is displayed on the "add an authenticator" page only once (it'll change randomly on each refresh).
3. When the user scans the barcode (or types in K as displayed on the page) it uses K and the current time, t, to generate a code.
4. When they type in the code the add-on is able to use the current time (and K, since it told the user what K was) to generate a code.
5. If the code from the user matches the code from the add-on then we're happy they've done it properly and add the authenticator.

Their app on their phone/gadget will keep generating codes as time passes, as long as the server time and time on the phone/gadget are close enough the codes will match (as they've both got the secret K). The add-on doesn't talk to Google or Microsoft or anyone else to do any of this.

TOTP is such a nice standard (and simple to implement) that it's used by all sorts of companies as their way to do 2-factor authentication (which is why there's an authenticator-style app on most platforms)

 

[melbo]

So without changing anything, my 2 listed yubikeys began to fail auth last night. I used GA to login in, deleted my yubikeys and tried to re-enter them but am getting a 'Failed to validate the code provided.' error and cannot add them.

 

[Deebs]

Have you recently upgraded curl on your server? You need the latest version of this to work with newer versions of curl.

 

[melbo]

I don't specifically recall updating curl recently but I keep my server up to date quite regularly.
I'm already running 1.3.1 of this addon.

Haven't had any problems and have been using 2 different yubikeys for a few weeks now.

 

[melbo]

We have recently installed an SSL cert although we're still testing so the Board URL has not been changed to https:// yet.

I tried unchecking 'Use Secure Connections" in the Yubikey options and it's now working. I'm sure that my partial migration to SSL has something to do with it.

Will monitor and update

 

[SheepCow]

We have recently installed an SSL cert although we're still testing so the Board URL has not been changed to https:// yet.

I tried unchecking 'Use Secure Connections" in the Yubikey options and it's now working. I'm sure that my partial migration to SSL has something to do with it.

Will monitor and update

Have you got the [FreddysHouse] Logger add-on installed? It'll give a bit more info on what's going on underneath