Whenever I test access on https://opnsense/diag_authentication.php and enter a wrong password (or combination of TOTP and password), I get this error:
Fatal error: Uncaught Error: Call to undefined method OPNsense\Auth\Local::getLastAuthErrors() in /usr/local/www/diag_authentication.php:76 Stack trace: #0 {main} thrown in /usr/local/www/diag_authentication.php on line 76
It seems like the function getLastAuthErrors() is not defined in /usr/local/opnsense/mvc/app/library/OPNsense/Auth/Local.php, only in /usr/local/opnsense/mvc/app/library/OPNsense/Auth/LDAP.php - thus, it cannot be called in the general case.
This error is a little uncomforting, because I do not dare to activate TOTP-based authentication before I can be sure that it works...
Sure, looks like a bug. But given the point of the tester is to verify that login is allowed with correct credentials, does it really matter that you get this with incorrect credentials? Can confirm that TOTP running here for months is absolutely fine
can you try fix mentioned in
https://forum.opnsense.org/index.php?topic=22370.msg106236#msg106236 ?
Of course that works, because the call to getLastAuthErrors() is removed by that patch.
It should be applied to the release version.
good!
call is not removed but function moved from LDAP to Base. anyway this fixes my stupid mistake and I hope that the patch will be in the next release
Quote from: meyergru on April 13, 2021, 10:05:27 PM
It should be applied to the release version.
It is already applied to the upcoming version.
Cheers,
Franco