View Issue Details

This bug affects 1 person(s).
 0
IDProjectCategoryView StatusLast Update
19948Bug reportsRemoteControlpublic2025-01-28 15:08
Reporterb3n Assigned To 
PrioritynoneSeverityminor 
Status newResolutionopen 
Product Version6.6.x 
Summary19948: remotecontrol with 2FA
Description

While using 2FA and remotecontrol API:

remotecontrol_handle.get_session_key()

https://github.com/LimeSurvey/LimeSurvey/blob/master/application/helpers/remotecontrol/remotecontrol_handle.php#L47

In my code I am calling: https://api.limesurvey.org/classes/remotecontrol-handle.html#method_get_session_key

Do I just have to pass the correct "plugin" to get_session_key if a user has 2FA enabled? What would that plugin string be? And is there a way to determine if a user has 2FA, before calling get_session_key?


For reference my code: https://github.com/ait-cs-IaaS/koord2ool/blob/main/src/api/limesurvey.ts#L35

Steps To Reproduce

Steps to reproduce

  1. Enable remotecontrol
  2. create a user with 2FA enabled
  3. Call get_session_key for the 2FA user

Expected result

It returns a 2FA challenge, or allows to pass the 2nd factor in any other way.

Actual result

It fails with:

{"id":1,"result":{"status":"Authentication key invalid"},"error":null}

TagsNo tags attached.
Bug heat0
Complete LimeSurvey version number (& build)6.10.0
I will donate to the project if issue is resolvedNo
Browser
Database type & versionPostgreSLQ 17
Server OS (if known)
Webserver software & version (if known)
PHP Version8.1.31

Users monitoring this issue

There are no users monitoring this issue.

Activities

There are no notes attached to this issue.

Issue History

Date Modified Username Field Change
2025-01-28 15:08 b3n New Issue