Closed Bug 1879358 Opened 3 months ago Closed 3 months ago

Fix a few remaining issues with code changes enforcing duo 2fa for certain members

Categories

(bugzilla.mozilla.org :: General, defect)

Product:
bugzilla.mozilla.org
Component:
General
Version:
Production
Type:
defect

Tracking

()

Status:
RESOLVED FIXED

People

(Reporter: dkl, Assigned: dkl)

Details

Attachments

(1 file)

[mozilla-bteam/bmo] Bug 1879358 - Fix a few remaining issues with code changes enforcing duo 2fa for certain members (#2187)
46 bytes, text/x-github-pull-request
Details | Review

With changes implemented by bug 1861888, I found a couple issues when testing on production using a test account. These need to be addressed before rolling out the larger group.

  • When removing user from required group and they are in Duo, the mfa_required_date is being set to 0000-00-00 00:00:
  • When user is required to use Duo and they currently have TOTP, we need a big NOTE that states why they are getting to that page, to disable TOTP and then enable Duo right after.
  • Add a NOTE to the MFA page if user is required to have Duo and why they cannot disable Duo without admin help.

(In reply to David Lawrence [:dkl] from comment #0)

With changes implemented by bug 1861888, I found a couple issues when testing on production using a test account. These need to be addressed before rolling out the larger group.

  • When removing user from required group and they are in Duo, the mfa_required_date is being set to 0000-00-00 00:00:

Background: The way this is currently implemented, it is supposed to be setting the date to now() - 1 day so that it is already expired. This is unfortunately not happening and is showing up as 0000-00-00.

Merged
https://github.com/mozilla-bteam/bmo/commit/f03c836dbb1a9e051273d9f2cf1e5bd2ac33bf9d

Status: ASSIGNED → RESOLVED
Closed: 3 months ago
Resolution: --- → FIXED
You need to log in before you can comment on or make changes to this bug.

Attachment

General

Creator:
Created:
Updated:
Size: