
bubka / 2fauth

A Web app to manage your Two-Factor Authentication (2FA) accounts and generate their security codes

Home Page: https://docs.2fauth.app/

License: GNU Affero General Public License v3.0

PHP 89.63% Vue 8.11% Procfile 0.01% RobotFramework 2.25%
otp 2fa 2factor totp hotp self-hosted webapp qrcode two-factor-authentication two-factor

2fauth's Introduction

2FAuth


A web app to manage your Two-Factor Authentication (2FA) accounts and generate their security codes


2FAuth Demo
Credentials (login - password) : [email protected] - demo

Purpose

2FAuth is a web based self-hosted alternative to One Time Passcode (OTP) generators like Google Authenticator, designed for both mobile and desktop.

It aims to make your 2FA steps easier on whatever device you use, with a clean and suitable interface.

I created it because :

  • Most of the UIs for this kind of app show tokens for all accounts at the same time with stressful countdowns (in my opinion)
  • I wanted my 2FA accounts to be stored in a standalone database I can easily back up and restore (have you ever lost a smartphone with all your 2FA accounts in Google Auth? I did...)
  • I hate taking out my smartphone to get an OTP when I use a desktop computer
  • I love coding and I love self-hosted solutions

Main features

  • Manage your 2FA accounts and organize them using Groups
  • Scan and decode any QR code to add an account in no time
  • Add a custom account without a QR code thanks to an advanced form
  • Edit accounts, even the imported ones
  • Generate TOTP and HOTP security codes and Steam Guard codes

2FAuth is currently fully localized in English and French. See Contributing if you want to help add more languages.

Security

2FAuth provides several security mechanisms to protect your 2FA data as best as possible.

Single user app

You have to create a user account and authenticate yourself to use the app. It is not possible to create more than one user account; the app is designed for personal use.

Modern authentication

You can sign in to 2FAuth using a security key such as a YubiKey or a Titan key and disable the traditional login form.

Data encryption

Sensitive data stored in the database can be encrypted to protect it against a database compromise. Encryption is provided as an option which is disabled by default. It is strongly recommended to back up the APP_KEY value of your .env file (or the whole file) when encryption is on.

Auto logout

2FAuth automatically logs you out after a period of inactivity to prevent long-lived sessions. The auto logout can be deactivated or triggered when a security code is copied.

RFC compliance

2FAuth generates OTPs according to RFC 4226 (HOTP Algorithm) and RFC 6238 (TOTP Algorithm) using the Spomky-Labs/OTPHP PHP library.

Requirements

Installation guides

Upgrading

Migration

2FAuth supports importing from the following formats: 2FAuth (JSON), Google Auth (QR code), Aegis Auth (JSON, plain text), 2FAS Auth (JSON)

Contributing

You can contribute to 2FAuth in many ways:

License

AGPL-3.0

2fauth's People

Contributors

aronmal, bubka, indykoning, jesuskills, josh-gaby, linwownil, nyzio2197, qdm12, rouilj, stavros-k, sy-records, tatsumara


2fauth's Issues

Unable to create configured logger. Using emergency logger

Describe the bug
issue with logger configuration.

Logs are polluted with a bunch of lines about logger creation:

[2022-05-16 15:50:17] laravel.WARNING: The argument "logger" is deprecated since version 3.3 and will be removed in 4.0. Please use the method "setLogger" instead. in /srv/vendor/web-auth/webauthn-lib/src/AttestationStatement/AttestationObjectLoader.php on line 61
[2022-05-16 15:50:17] laravel.EMERGENCY: Unable to create configured logger. Using emergency logger. {"exception":"[object] (InvalidArgumentException(code: 0): NullHandler must be an instance of Monolog\\Handler\\HandlerInterface at /srv/vendor/laravel/framework/src/Illuminate/Log/LogManager.php:372)
[stacktrace]

500 server error

Describe the bug
When trying to open the service a 500 | Server error appears.
Hosted via Docker. Using mostly defaults from the GitHub repo. Logs don't show any errors. Even when set to debug. Why?

To Reproduce
Steps to reproduce the behavior:
Start newest Docker image from 2fauth/2fauth with the given docker-compose.yml in the Github repo.

Desktop (please complete the following information):

  • Ubuntu
  • Any

Additional context
Docker logs via
docker logs 2fa -f

supervisord version: v0.6.8
PHP 7.4.26 (fpm-fcgi) (built: Nov 18 2021 21:39:13)
nginx version: nginx/1.20.2
The [/srv/public/storage] link has been connected to [/srv/storage/app/public].
The links have been created.
Configuration cache cleared!
Configuration cached successfully!
time="2022-04-25T08:31:38Z" level=info msg="load configuration from file" file=/etc/supervisor/supervisord.conf

Can't save icons or upload QR codes - Docker installation

Hi!

I am not able to upload anything to my docker installation.
Version: 04f8e8a
org.opencontainers.image.created | 2021-12-30T09:04:01Z

Icon and QR Code upload:
This error pops up:

2022/01/21 10:50:26 [crit] 60#60: *97 open() "/var/lib/nginx/tmp/client_body/0000000003" failed (13: Permission denied), client: 172.17.0.1, server: 2fauth, request: "POST /api/icon/upload HTTP/1.1", host: "xxx.duckdns.org", referrer: "https://xxx.duckdns.org/account/edit/1"

Log file:
[2022-01-21 10:44:39] local.ERROR: The resource owner or authorization server denied the request. {"exception":"[object] (League\\OAuth2\\Server\\Exception\\OAuthServerException(code: 9): The resource owner or authorization server denied the request. at /srv/vendor/lea> [stacktrace] #0 /srv/vendor/league/oauth2-server/src/AuthorizationValidators/BearerTokenValidator.php(73): League\\OAuth2\\Server\\Exception\\OAuthServerException::accessDenied() #1 /srv/vendor/league/oauth2-server/src/ResourceServer.php(84): League\\OAuth2\\Server\\AuthorizationValidators\\BearerTokenValidator->validateAuthorization() #2 /srv/vendor/laravel/passport/src/Guards/TokenGuard.php(207): League\\OAuth2\\Server\\ResourceServer->validateAuthenticatedRequest() #3 /srv/vendor/laravel/passport/src/Guards/TokenGuard.php(150): Laravel\\Passport\\Guards\\TokenGuard->getPsrRequestViaBearerToken() #4 /srv/vendor/laravel/passport/src/Guards/TokenGuard.php(113): Laravel\\Passport\\Guards\\TokenGuard->authenticateViaBearerToken() #5 /srv/vendor/laravel/passport/src/PassportServiceProvider.php(286): Laravel\\Passport\\Guards\\TokenGuard->user() #6 [internal function]: Laravel\\Passport\\PassportServiceProvider->Laravel\\Passport\\{closure}() #7 /srv/vendor/laravel/framework/src/Illuminate/Auth/RequestGuard.php(58): call_user_func() #8 /srv/vendor/laravel/framework/src/Illuminate/Auth/GuardHelpers.php(60): Illuminate\\Auth\\RequestGuard->user() #9 /srv/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(63): Illuminate\\Auth\\RequestGuard->check() #10 /srv/vendor/laravel/framework/src/Illuminate/Auth/Middleware/Authenticate.php(42): Illuminate\\Auth\\Middleware\\Authenticate->authenticate() #11 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Auth\\Middleware\\Authenticate->handle() #12 /srv/vendor/laravel/framework/src/Illuminate/Routing/Middleware/ThrottleRequests.php(59): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #13 
/srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Routing\\Middleware\\ThrottleRequests->handle() #14 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #15 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(687): Illuminate\\Pipeline\\Pipeline->then() #16 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(662): Illuminate\\Routing\\Router->runRouteWithinStack() #17 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(628): Illuminate\\Routing\\Router->runRoute() #18 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(617): Illuminate\\Routing\\Router->dispatchToRoute() #19 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(165): Illuminate\\Routing\\Router->dispatch() #20 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\\Foundation\\Http\\Kernel->Illuminate\\Foundation\\Http\\{closure}() #21 /srv/app/Http/Middleware/SetLanguage.php(20): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #22 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): App\\Http\\Middleware\\SetLanguage->handle() #23 /srv/vendor/fideloper/proxy/src/TrustProxies.php(57): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #24 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Fideloper\\Proxy\\TrustProxies->handle() #25 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #26 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle() #27 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #28 
/srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle() #29 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #30 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize->handle() #31 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(63): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #32 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode->handle() #33 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}() #34 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(140): Illuminate\\Pipeline\\Pipeline->then() #35 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(109): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter() #36 /srv/public/index.php(55): Illuminate\\Foundation\\Http\\Kernel->handle() #37 {main} "}

I strictly followed the Docker install manual.
Adding TOTP by scanning a QR code is no problem, but adding icons or uploading QR codes is.

This is my main user:
uid=1000(urbansunited) gid=1000(urbansunited) Gruppen=1000(urbansunited),24(cdrom),25(floppy),27(sudo),29(audio),30(dip),44(video),46(plugdev),109(netdev)

$ ls -l
drwx------  3 urbansunited     urbansunited 4096 21. Jan 11:55 2fauth
~/Docker/2fauth$ ls -l
-rw-r--r-- 1 urbansunited urbansunited 98304 21. Jan 11:55 database.sqlite
-rw-r--r-- 1 urbansunited urbansunited     8 21. Jan 11:44 installed
drwxrwxrwx 5 urbansunited urbansunited  4096 21. Jan 11:44 storage

Thanks

URBANsUNITED

Token generation does not loop if TOTP period is different from 30s

Describe the bug
The token generation loop stops when the TOTP period is different from 30s

To Reproduce
Steps to reproduce the behavior:

  1. Click "Use a qrcode"
  2. Submit a QRcode for a TOTP with Period parameter = 40
  3. Wait until all dots are filled
  4. the loop stops + js error : active is undefined

Expected behavior
A new token should be displayed and the dots blanked
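
How a non-default period changes both the counter and the countdown under RFC 6238, as an added example (not 2FAuth's or OTPHP's code, and not a diagnosis of the bug reported above). The otpauth URI is constructed from the RFC test secret, and the names `TotpAccount`, `parse_otpauth`, `totp_state` and `seconds_left` are assumptions of this sketch:

```python
import base64
import hashlib
import hmac
import struct
from typing import NamedTuple, Tuple
from urllib.parse import parse_qs, unquote, urlparse

# Constructed sample: the RFC 4226/6238 SHA-1 test secret
# ("12345678901234567890") in Base32, with a 40-second period.
SAMPLE_URI = (
    "otpauth://totp/Example:alice@example.com"
    "?secret=GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ&issuer=Example&digits=6&period=40"
)

ALGORITHMS = {"SHA1": hashlib.sha1, "SHA256": hashlib.sha256, "SHA512": hashlib.sha512}


class TotpAccount(NamedTuple):  # hypothetical container for this example
    label: str
    key: bytes
    algorithm: str
    digits: int
    period: int


def parse_otpauth(uri: str) -> TotpAccount:
    """Parse an otpauth://totp URI and validate the parameters that drive timing."""
    parts = urlparse(uri)
    if parts.scheme != "otpauth" or parts.netloc != "totp":
        raise ValueError("not an otpauth://totp URI")
    query = {name: values[0] for name, values in parse_qs(parts.query).items()}
    if "secret" not in query:
        raise ValueError("missing secret parameter")
    secret = query["secret"].replace(" ", "").upper()
    # Base32 secrets are often written without padding; restore it before decoding.
    key = base64.b32decode(secret + "=" * (-len(secret) % 8))
    algorithm = query.get("algorithm", "SHA1").upper()
    digits = int(query.get("digits", "6"))
    period = int(query.get("period", "30"))  # 30 is only the default, not a constant
    if algorithm not in ALGORITHMS:
        raise ValueError("unsupported algorithm: " + algorithm)
    if not 6 <= digits <= 8:
        raise ValueError("digits must be between 6 and 8")
    if period <= 0:
        raise ValueError("period must be a positive number of seconds")
    return TotpAccount(unquote(parts.path.lstrip("/")), key, algorithm, digits, period)


def hotp(key: bytes, counter: int, digits: int = 6, algorithm: str = "SHA1") -> str:
    """RFC 4226: HMAC over the 8-byte big-endian counter, then dynamic truncation."""
    mac = hmac.new(key, struct.pack(">Q", counter), ALGORITHMS[algorithm]).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def seconds_left(unix_time: int, period: int) -> int:
    """Seconds until the current time step ends (equals `period` right at a boundary)."""
    return period - (unix_time % period)


def totp_state(account: TotpAccount, unix_time: int) -> Tuple[str, int, int]:
    """RFC 6238: the counter is floor(time / period), using the account's own period."""
    counter = unix_time // account.period
    code = hotp(account.key, counter, account.digits, account.algorithm)
    return code, counter, seconds_left(unix_time, account.period)


if __name__ == "__main__":
    account = parse_otpauth(SAMPLE_URI)
    for t in (59, 60, 79, 80):
        code, counter, left = totp_state(account, t)
        # A countdown that assumes 30 s disagrees with the account's real time step.
        print(f"t={t:3d} counter={counter} code={code} "
              f"left={left:2d}s (30s assumption: {seconds_left(t, 30)}s)")
```

A countdown that assumes 30 seconds expects a new code at t=60, while the code for this account only changes at t=80; refresh logic has to be driven by the account's own `period`.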

Deploy on Heroku

Currently, the installation steps given in README.md do not explain how to deploy to Heroku.

Suggestion:
A Deploy to Heroku button or steps on how to deploy to Heroku can be added to the README.md file.

Since this project requires PHP and Heroku has an option to add PHP, I think this is possible. Please close this issue if it is not possible to deploy this on Heroku.

Email password reset does not work

Describe the bug
Trying to reset the password results in an error page. I see a 500 error on the POST to /api/password/email in my reverse proxy log and the Laravel log in the container shows a stacktrace:

[2021-09-22 20:48:43] local.ERROR: Class 'DOMDocument' not found {"exception":"[object] (Error(code: 0): Class 'DOMDocument' not found at /srv/vendor/tijsverkoyen/css-to-inline-styles/src/CssToInlineStyles.php:114)
[stacktrace]
#0 /srv/vendor/tijsverkoyen/css-to-inline-styles/src/CssToInlineStyles.php(36): TijsVerkoyen\\CssToInlineStyles\\CssToInlineStyles->createDomDocumentFromHtml()
#1 /srv/vendor/laravel/framework/src/Illuminate/Mail/Markdown.php(71): TijsVerkoyen\\CssToInlineStyles\\CssToInlineStyles->convert()
#2 /srv/vendor/laravel/framework/src/Illuminate/Notifications/Channels/MailChannel.php(101): Illuminate\\Mail\\Markdown->render()
#3 /srv/vendor/laravel/framework/src/Illuminate/Notifications/Channels/MailChannel.php(63): Illuminate\\Notifications\\Channels\\MailChannel->buildView()
#4 /srv/vendor/laravel/framework/src/Illuminate/Notifications/NotificationSender.php(148): Illuminate\\Notifications\\Channels\\MailChannel->send()
#5 /srv/vendor/laravel/framework/src/Illuminate/Notifications/NotificationSender.php(106): Illuminate\\Notifications\\NotificationSender->sendToNotifiable()
#6 /srv/vendor/laravel/framework/src/Illuminate/Support/Traits/Localizable.php(19): Illuminate\\Notifications\\NotificationSender->Illuminate\\Notifications\\{closure}()
#7 /srv/vendor/laravel/framework/src/Illuminate/Notifications/NotificationSender.php(109): Illuminate\\Notifications\\NotificationSender->withLocale()
#8 /srv/vendor/laravel/framework/src/Illuminate/Notifications/NotificationSender.php(79): Illuminate\\Notifications\\NotificationSender->sendNow()
#9 /srv/vendor/laravel/framework/src/Illuminate/Notifications/ChannelManager.php(39): Illuminate\\Notifications\\NotificationSender->send()
#10 /srv/vendor/laravel/framework/src/Illuminate/Notifications/RoutesNotifications.php(18): Illuminate\\Notifications\\ChannelManager->send()
#11 /srv/app/User.php(50): App\\User->notify()
#12 /srv/vendor/laravel/framework/src/Illuminate/Auth/Passwords/PasswordBroker.php(66): App\\User->sendPasswordResetNotification()
#13 /srv/vendor/laravel/ui/auth-backend/SendsPasswordResetEmails.php(36): Illuminate\\Auth\\Passwords\\PasswordBroker->sendResetLink()
#14 [internal function]: App\\Http\\Controllers\\Auth\\ForgotPasswordController->sendResetLinkEmail()
#15 /srv/vendor/laravel/framework/src/Illuminate/Routing/Controller.php(54): call_user_func_array()
#16 /srv/vendor/laravel/framework/src/Illuminate/Routing/ControllerDispatcher.php(45): Illuminate\\Routing\\Controller->callAction()
#17 /srv/vendor/laravel/framework/src/Illuminate/Routing/Route.php(239): Illuminate\\Routing\\ControllerDispatcher->dispatch()
#18 /srv/vendor/laravel/framework/src/Illuminate/Routing/Route.php(196): Illuminate\\Routing\\Route->runController()
#19 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(685): Illuminate\\Routing\\Route->run()
#20 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\\Routing\\Router->Illuminate\\Routing\\{closure}()
#21 /srv/app/Http/Middleware/AvoidPasswordResetInDemo.php(24): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#22 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): App\\Http\\Middleware\\AvoidPasswordResetInDemo->handle()
#23 /srv/app/Http/Middleware/RedirectIfAuthenticated.php(24): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#24 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): App\\Http\\Middleware\\RedirectIfAuthenticated->handle()
#25 /srv/app/Http/Middleware/LogUserLastSeen.php(26): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#26 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): App\\Http\\Middleware\\LogUserLastSeen->handle()
#27 /srv/app/Http/Middleware/LogoutInactiveUser.php(26): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#28 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): App\\Http\\Middleware\\LogoutInactiveUser->handle()
#29 /srv/vendor/laravel/framework/src/Illuminate/Routing/Middleware/SubstituteBindings.php(41): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#30 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Routing\\Middleware\\SubstituteBindings->handle()
#31 /srv/vendor/laravel/framework/src/Illuminate/Routing/Middleware/ThrottleRequests.php(59): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#32 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Routing\\Middleware\\ThrottleRequests->handle()
#33 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#34 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(687): Illuminate\\Pipeline\\Pipeline->then()
#35 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(662): Illuminate\\Routing\\Router->runRouteWithinStack()
#36 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(628): Illuminate\\Routing\\Router->runRoute()
#37 /srv/vendor/laravel/framework/src/Illuminate/Routing/Router.php(617): Illuminate\\Routing\\Router->dispatchToRoute()
#38 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(165): Illuminate\\Routing\\Router->dispatch()
#39 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(128): Illuminate\\Foundation\\Http\\Kernel->Illuminate\\Foundation\\Http\\{closure}()
#40 /srv/app/Http/Middleware/SetLanguage.php(20): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#41 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): App\\Http\\Middleware\\SetLanguage->handle()
#42 /srv/vendor/fideloper/proxy/src/TrustProxies.php(57): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#43 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Fideloper\\Proxy\\TrustProxies->handle()
#44 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#45 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle()
#46 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/TransformsRequest.php(21): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#47 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\TransformsRequest->handle()
#48 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/ValidatePostSize.php(27): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#49 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\ValidatePostSize->handle()
#50 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Middleware/CheckForMaintenanceMode.php(63): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#51 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(167): Illuminate\\Foundation\\Http\\Middleware\\CheckForMaintenanceMode->handle()
#52 /srv/vendor/laravel/framework/src/Illuminate/Pipeline/Pipeline.php(103): Illuminate\\Pipeline\\Pipeline->Illuminate\\Pipeline\\{closure}()
#53 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(140): Illuminate\\Pipeline\\Pipeline->then()
#54 /srv/vendor/laravel/framework/src/Illuminate/Foundation/Http/Kernel.php(109): Illuminate\\Foundation\\Http\\Kernel->sendRequestThroughRouter()
#55 /srv/public/index.php(55): Illuminate\\Foundation\\Http\\Kernel->handle()
#56 {main}

To Reproduce
Steps to reproduce the behavior:
At the login page, click the reset password link, enter your email and click send password reset link.

Expected behavior
An email is sent to reset the password

Desktop (please complete the following information):

  • OS: Docker 20.10.8 on Ubuntu 21.04
  • Browser: Firefox 92.0
  • Version latest Docker image, published 9/9/21

browser extension

Hello,
Great work! It would be even better if we could use it as an extension for our browser!
Thanks

Integration with other platforms

Describe the solution you'd like
I think this has huge potential, the interface is clean / nice and I love that it only seeks to solve 2FA. The downfall for me is that it's slower than using an auth app and (as the project is so early on) there's little integration. This is more of a suggestion for a potential long-term roadmap:

It would be amazing if this project were to provide TOTP via browser plugins in particular, like BitWarden does, where I can specify applicable URLs and there's a notification on the extension icon that alerts the user that there's a TOTP associated with that URL.

Combine this with a copy to clipboard button, and you have the perfect isolated, but easily accessible TOTP client for my money.

Describe alternatives you've considered
There are no real alternatives.

Additional context
Best practice is to keep TOTP and passwords entirely separate and on different storage locations. Not a single password manager provides this as a service that I can find, and I cannot find a single 2FA specific service that has broad integration with browsers and the usage style I mention above.


Cannot view old TOTP entries on latest Docker Image

Describe the bug
After updating to v3.0, I am unable to access my old TOTP entries.

To Reproduce
Steps to reproduce the behavior:

  1. Update to latest docker image after having backed up sqlite db.
  2. Before starting container, copy database into 2fauth folder and ensure proper permissions as directed by Github guide.
  3. Start container and log in to web app.
  4. Click on any TOTP entry
  5. Receive error message saying "An error occurred: This OTP format is not currently supported".

Expected behavior
Access TOTP entries from before the upgrade.

Screenshots
If I restore the database and the browser remembers my previous session, I am able to see the entries, but when I click on any one of them, I get the following error:
Screenshot 2022-05-10 at 19-50-16 2FAuth

Desktop (please complete the following information):

  • OS: [e.g. iOS] Linux
  • Browser [e.g. chrome, safari] Firefox
  • Version [e.g. 22]

Install using MySQL causes exception

Describe the bug
When telling 2FAuth to use MySQL as database, an exception occurs while running php artisan migrate:refresh:

Migration table not found.
Migration table created successfully.
Migrating: 2014_10_12_000000_create_users_table
Migrated:  2014_10_12_000000_create_users_table (0.03 seconds)
Migrating: 2014_10_12_100000_create_password_resets_table
Migrated:  2014_10_12_100000_create_password_resets_table (0.02 seconds)
Migrating: 2016_06_01_000001_create_oauth_auth_codes_table
Migrated:  2016_06_01_000001_create_oauth_auth_codes_table (0.04 seconds)
Migrating: 2016_06_01_000002_create_oauth_access_tokens_table
Migrated:  2016_06_01_000002_create_oauth_access_tokens_table (0.04 seconds)
Migrating: 2016_06_01_000003_create_oauth_refresh_tokens_table
Migrated:  2016_06_01_000003_create_oauth_refresh_tokens_table (0.04 seconds)
Migrating: 2016_06_01_000004_create_oauth_clients_table
Migrated:  2016_06_01_000004_create_oauth_clients_table (0.03 seconds)
Migrating: 2016_06_01_000005_create_oauth_personal_access_clients_table
Migrated:  2016_06_01_000005_create_oauth_personal_access_clients_table (0.01 seconds)
Migrating: 2017_03_03_100000_create_options_table
Migrated:  2017_03_03_100000_create_options_table (0.02 seconds)
Migrating: 2019_05_16_162730_create_twofaccounts_table
Migrated:  2019_05_16_162730_create_twofaccounts_table (0.01 seconds)
Migrating: 2020_03_25_095517_add_order_column_to_twofaccounts_table
Migrated:  2020_03_25_095517_add_order_column_to_twofaccounts_table (0.02 seconds)
Migrating: 2020_10_05_210557_add_last_seen_to_users_table
Migrated:  2020_10_05_210557_add_last_seen_to_users_table (0.01 seconds)
Migrating: 2020_10_11_202302_add_provider_column_to_oauth_clients_table
Migrated:  2020_10_11_202302_add_provider_column_to_oauth_clients_table (0 seconds)
Migrating: 2020_10_20_210129_create_groups_table
Migrated:  2020_10_20_210129_create_groups_table (0.02 seconds)
Migrating: 2020_10_20_211115_add_group_id_column_to_twofaccounts_table

   Illuminate\Database\QueryException 

  SQLSTATE[HY000]: General error: 3780 Referencing column 'group_id' and referenced column 'id' in foreign key constraint 'twofaccounts_group_id_foreign' are incompatible. (SQL: alter table `twofaccounts` add constraint `twofaccounts_group_id_foreign` foreign key (`group_id`) references `groups` (`id`) on delete set null)

  at vendor/laravel/framework/src/Illuminate/Database/Connection.php:671
    667|         // If an exception occurs when attempting to run a query, we'll format the error
    668|         // message to include the bindings with SQL, which will make this exception a
    669|         // lot more helpful to the developer instead of just the database's errors.
    670|         catch (Exception $e) {
  > 671|             throw new QueryException(
    672|                 $query, $this->prepareBindings($bindings), $e
    673|             );
    674|         }
    675| 

      +12 vendor frames 
  13  database/migrations/2020_10_20_211115_add_group_id_column_to_twofaccounts_table.php:24
      Illuminate\Support\Facades\Facade::__callStatic()

      +34 vendor frames 
  48  artisan:37
      Illuminate\Foundation\Console\Kernel::handle()

To Reproduce
Steps to reproduce the behavior:

  1. Clone git repo
  2. Install php dependencies using php composer
  3. Create MySQL user/database
  4. Edit .env file to use MySQL backend
  5. Run php artisan migrate:refresh

Expected behavior
Command should complete successfully (it does when using SQLite backend).

Server:

  • OS: Ubuntu 20.04
  • 2FAuth version: 2.0.0

Add a docker-compose setup for fast setup

Is your feature request related to a problem? Please describe.
I don't like setting up projects when I'm not certain that this is exactly what I'm looking for. Creating a docker-compose.yml description of the services needed will make deploying this app much faster.

Describe the solution you'd like
I would like to have a docker-compose.yml file for easily deploying a fully working instance of this app including its database and php backend for very quick and easy deployment.

Describe alternatives you've considered
I'm not sure if there are any useful alternatives to docker deployment.

Additional context
No additional context.

Autolock feature should be disabled while auth is handled by a proxy

Describe the bug
The autolock feature is enabled even when auth is handled by an auth proxy.

To Reproduce
Steps to reproduce the behavior:

  1. Set env AUTHENTICATION_GUARD=reverse-proxy-guard
  2. log in and wait without interaction for the duration set in the autolock option
  3. 2FAuth tries to log out

Expected behavior
Autolock should be disabled

2fauth not run after update

Hi,

I updated the container and now the app fails.

Capture d’écran 2022-05-10 100312

Configuration cache cleared!

Configuration cached successfully!

time="2022-05-10T07:56:36Z" level=info msg="load configuration from file" file=/etc/supervisor/supervisord.conf

192.168.1.127 - - [10/May/2022:07:56:38 +0000] "GET /login HTTP/1.1" 500 44 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0"

192.168.1.127 - - [10/May/2022:07:56:40 +0000] "GET /login HTTP/1.1" 500 44 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0"

192.168.1.127 - - [10/May/2022:07:56:42 +0000] "GET /login HTTP/1.1" 500 44 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0"

192.168.1.127 - - [10/May/2022:07:56:44 +0000] "GET /login HTTP/1.1" 500 44 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0"

Running version latest commit 3923ada built on 2022-05-09T23:16:54Z

supervisord version: v0.6.8

PHP 7.4.26 (fpm-fcgi) (built: Nov 18 2021 21:39:13)

nginx version: nginx/1.20.2

The [/srv/public/storage] link already exists.

The links have been created.

Configuration cache cleared!

Configuration cached successfully!

time="2022-05-10T08:05:40Z" level=info msg="load configuration from file" file=/etc/supervisor/supervisord.conf

192.168.1.127 - - [10/May/2022:08:05:44 +0000] "GET /login HTTP/1.1" 500 44 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0"

Fresh install cannot solve the problem.

Thank you :)

CSRF token mismatch

Describe the bug
Getting "CSRF token mismatch." error when logging back in after getting kicked out after auto lock. Happened on desktop and mobile Firefox browser.

To Reproduce
Steps to reproduce the behavior:

  1. Sign in
  2. Wait till you get kicked out by auto lock
  3. Sign back in
  4. See error

Expected behavior
Being able to see and copy the TOTPs instead of the error message.

Screenshots
grafik

Desktop:

  • OS: Windows 10
  • Browser: Firefox
  • Version: 100

Smartphone:

  • Device: Google Pixel 5
  • OS: Android 12
  • Browser: Firefox
  • Version: 100

Additional context
Refresh button is doing nothing (it brings you back to the login page, but the error will be shown again after sign-in until a hard reload of the page)

I only see a blank, white page.

Describe the bug
I only see a blank, white page.

To Reproduce

  1. Import the git files.
  2. Install the composer files (php dependencies).
  3. Run php artisan ... (including to generate the key for .env).
  4. Create and setup .htaccess file to let localhost/2fauth act for localhost/2fauth/public.
  5. Updated the composer files (some of them didn't get fully installed).

Expected behavior
I expect the website to show just that, the website, and not a blank, white page.

Additional context
Have I missed something?

Docker: Database Support

The README states that every database that is supported by Laravel can be used. This in particular includes MySQL (as of today's check).
On the other hand, Commit c24f5b2 drops MySQL support for the container (and I can confirm: It does not work any more). There is some mismatch of information and actual behavior.

[question] who provide the QR code when adding a website

Hi,
I am new to 2FA and looking at this helpful project.

I would like to know the process of 2FA: when adding a website (e.g. GitHub, Facebook) for a user, who is responsible for generating the QR code? (By my understanding, the QR code should contain the GitHub URL and user name; not sure what else is there.) Does the website itself provide the QR code?

Thanks in advance.

Cannot access accounts with proxy header auth

Describe the bug
Continued from #16.

Trying to access any page with AUTHENTICATION_GUARD=reverse-proxy-guard redirects to /login. Trying to login normally leads to a Server Error, then a brief glimpse of /accounts before redirecting back to /login. See the laravel log here. Browser shows all network requests OK except /api/v1/twofaccounts and /api/v1/groups return 401 with "message: Unauthenticated".

To Reproduce
Steps to reproduce the behavior:

  1. Enable proxy auth
  2. Log in to proxy (Google Oauth/traefik forward auth)
  3. Go to main 2fauth page

Expected behavior
/accounts appears as normal without having to log in

Desktop (please complete the following information):

  • OS: windows 11
  • Browser: firefox
  • Version: 100.0 x64

Smartphone (please complete the following information):

  • Device: galaxy s21 ultra
  • OS: android
  • Browser: firefox
  • Version: 100.1.2

Disable registration for new users

Is your feature request related to a problem? Please describe.
I'd like to disable the option to create a new account.

Describe the solution you'd like
An option to disable this feature. In the web interface or in the configuration file.

Describe alternatives you've considered
To set a password for the website.

Additional context

Keep up the good work! :)

Applied group filter is not removed if the group is deleted

Describe the bug
Applied group filter is not removed if the group is deleted

To Reproduce
Steps to reproduce the behavior:

  1. Create a group Test and move 2 accounts to the group
  2. Filter accounts on this group
  3. Open the group selector and go to Manage groups
  4. Delete the group Test and return to accounts
  5. The group filter is set to All but show only 2 accounts (the ones previously moved to the Test group)

Expected behavior
The applied filter should be removed after the group deletion to show all accounts

Error 404 - resource not found - /api/checkuser

Hi Bubka!

I am really struggling with your software. Sorry.
On a RPI 4 with Debian 10 64bit I am trying to install 2FAuth
Latest master and the 2.10 release. Both act the same

I believe I did everything correct, but all I get is
A black screen with a 404 and underneath “Resource not found”

I used the google Chrome dev tools and figured out that I can’t reach

http://192.168.0.xxx/api/checkuser
Not Found
The requested URL was not found on this server.

Can you help me with this issue please?
Is it file server permissions or database or???

Many thanks in advance

URBANsUNITED

Add tags other than latest when pushing images to dockerhub

Is your feature request related to a problem? Please describe.
With the release yesterday, the latest tag was broken. I was attempting to set this up for the first time and now cannot until the latest tag is fixed.

Describe the solution you'd like
Tag images with either build id or version number so we can use previous images if the current latest is broken

Describe alternatives you've considered
N/A

Additional context
Should be able to do this in the build pipeline using docker tag and possibly an additional push step

cannot find driver

Illuminate\Database\QueryException

could not find driver (SQL: PRAGMA foreign_keys = ON;)

at vendor/laravel/framework/src/Illuminate/Database/Connection.php:671
667| // If an exception occurs when attempting to run a query, we'll format the error
668| // message to include the bindings with SQL, which will make this exception a
669| // lot more helpful to the developer instead of just the database's errors.
670| catch (Exception $e) {

671| throw new QueryException(
672| $query, $this->prepareBindings($bindings), $e
673| );
674| }
675|

1 [internal]:0
Illuminate\Foundation\Application::Illuminate\Foundation{closure}(Object(App\Providers\AppServiceProvider))

  +2 vendor frames

4 [internal]:0
Illuminate\Foundation\Application::Illuminate\Foundation{closure}(Object(App\Providers\AppServiceProvider))
root@ip-172-31-91-171:~/2fauth#

I am on Debian 10 Buster

Cannot send message without a sender address

Is your feature request related to a problem? Please describe.
An error message is showing up if you click "Forgot your password? Reset it", then type in your email, click "Send password reset link" and be surprised with the error.

Describe the solution you'd like
I see email-related settings in the app.json file, but I did not find this file in my docker volume folder and there do not seem to be docker environment variables to adjust these. So if email delivery is already implemented, the settings should be adjustable for individual users.

Additional context
grafik

Multi-user support

Is your feature request related to a problem? Please describe.
There is no possibility to create new accounts

Describe the solution you'd like
It would be nice if the admin could create or invite new members so they can use the same service

Describe alternatives you've considered
Run multiple 2FAuth docker

Issues using 'Protect sensible data'

Describe the bug
I really like the idea of encrypting the database with my data. However, I came across two problems using it:

If I enable the encryption and try to add a new account by scanning the QR code it seems to work at first. I can see the account and the current code. However, when I click on 'Save' it fails with
"An error occured:
Server Error
Refresh"
When I disable encryption everything works just fine. I noticed that with encryption enabled only the issuer is shown but not the label of the account (both are shown when I disable encryption). I guess for some reason it takes that as an empty string and fails because of that...?

If I add an account without encryption enabled and try to enable it afterwards it fails with
"An error occured:
Encryption failed, your database remains unprotected.
Refresh"

Let me know if you need more info!

To Reproduce
Steps to reproduce the behavior:

  1. Install 2FAuth (using MySQL if that matters)
  2. Click on 'Settings'
  3. Enable 'Protect sensible data'
  4. Try to add account using QR scanner
  5. Get Error

Expected behavior
Account gets added successfully.

Server:

  • OS: Ubuntu 20.04
  • MySQL version: 8.0.22
  • 2FAuth version: 2.0.1

Cache is not refreshed automatically after group changes

Describe the bug
After a group change 2FAuth notifies about data that should be reloaded

To Reproduce
Steps to reproduce the behavior:

  1. Go Edit mode
  2. Select some accounts and click Move
  3. Select a group and submit the move
  4. Edit mode is restored with a notification

Expected behavior
Automatic data reload without user prompt

Screenshots
Capture d’écran 2020-11-30 à 18 50 09

U2F Support

Describe the solution you'd like
Adding an option to require U2F authentication when signing in would greatly increase the security of 2fauth. Some examples of U2F are Yubikey, Google Titan, etc.

This repository looks like it may work well for this: https://github.com/Firehed/u2f-php

Account creation fails when otpauth service parameter is missing

Describe the bug
Account creation is rejected when the service parameter is not present in the otpauth URI submitted via QR code live scan or upload.

To Reproduce
Steps to reproduce the behavior:

  1. Get a QR code for a URI like otpauth://totp/accountname?secret=GJTGC5LUNA. This is a valid URI following key URI format as only the Label parameter (aka accountname) is mandatory
  2. Scan or upload the QR code in 2FAuth
  3. Click the Save button
  4. See validation error: The service field is missing

Expected behavior
The account should be stored
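The URI from the report above, parsed with a missing issuer tolerated. This is an added example, not 2FAuth's own code; the function name `parse_otpauth`, the returned field names, and treating the Key URI Format's `issuer` as what the issue calls the service are assumptions made here.

```python
import base64
from urllib.parse import urlsplit, parse_qs, unquote

ALLOWED_TYPES = {"totp", "hotp"}
ALLOWED_ALGOS = {"SHA1", "SHA256", "SHA512"}


def _decode_secret(value):
    """Decode an unpadded base32 secret; reject anything that is not base32."""
    cleaned = value.replace(" ", "").upper()
    padded = cleaned + "=" * (-len(cleaned) % 8)
    try:
        return base64.b32decode(padded)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError("secret is not valid base32") from exc


def parse_otpauth(uri):
    """Parse an otpauth:// URI. Only the label and the secret are mandatory."""
    parts = urlsplit(uri)
    if parts.scheme != "otpauth":
        raise ValueError("not an otpauth URI")
    otp_type = parts.netloc.lower()
    if otp_type not in ALLOWED_TYPES:
        raise ValueError("unsupported OTP type: %r" % otp_type)

    # Label is either "account" or "issuer:account" (the colon may be %3A).
    label = unquote(parts.path.lstrip("/"))
    prefix, sep, rest = label.partition(":")
    label_issuer, account = (prefix.strip(), rest.strip()) if sep else (None, label.strip())
    if not account:
        raise ValueError("label (account name) is mandatory")

    params = {k: v[-1] for k, v in parse_qs(parts.query).items()}
    if "secret" not in params:
        raise ValueError("secret parameter is mandatory")
    secret = _decode_secret(params["secret"])
    if not secret:
        raise ValueError("secret is empty")

    algorithm = params.get("algorithm", "SHA1").upper()
    if algorithm not in ALLOWED_ALGOS:
        raise ValueError("unsupported algorithm: %r" % algorithm)
    digits = int(params.get("digits", 6))
    if digits not in (6, 8):
        raise ValueError("digits must be 6 or 8")

    result = {
        "type": otp_type,
        "account": account,
        # A missing issuer is valid: store None instead of rejecting the URI.
        "issuer": params.get("issuer") or label_issuer or None,
        "secret": secret,
        "algorithm": algorithm,
        "digits": digits,
    }
    if otp_type == "totp":
        result["period"] = int(params.get("period", 30))
        if result["period"] <= 0:
            raise ValueError("period must be positive")
    else:
        if "counter" not in params:
            raise ValueError("counter is mandatory for hotp")
        result["counter"] = int(params["counter"])
    return result


if __name__ == "__main__":
    # URI taken from the bug report; it carries no issuer at all.
    print(parse_otpauth("otpauth://totp/accountname?secret=GJTGC5LUNA"))
```
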

Getting SQL server working on Docker

Describe the bug
Hi there ! I've just made a repository to host my Dockerfile (and docker-compose.yml) for this project. But I can't figure out how to get a proper SQL server working with it.

To Reproduce
Steps to reproduce the behavior:

  1. Clone my repo and change to head to the first commit
  2. make

Expected behavior
Make should work and the server should be working locally. But instead, I get this:

2fauth_1           |    Illuminate\Database\QueryException 
2fauth_1           | 
2fauth_1           |   could not find driver (SQL: insert into `oauth_clients` (`user_id`, `name`, `secret`, `provider`, `redirect`, `personal_access_client`, `password_client`, `revoked`, `updated_at`, `created_at`) values (?, 2FAuth Personal Access Client, G7....HA, ?, http://localhost, 1, 0, 0, 2021-01-10 20:00:00, 2021-01-10 20:00:00))
2fauth_1           | 
2fauth_1           |   at vendor/laravel/framework/src/Illuminate/Database/Connection.php:671
2fauth_1           |     667|         // If an exception occurs when attempting to run a query, we'll format the error
2fauth_1           |     668|         // message to include the bindings with SQL, which will make this exception a
2fauth_1           |     669|         // lot more helpful to the developer instead of just the database's errors.
2fauth_1           |     670|         catch (Exception $e) {
2fauth_1           |   > 671|             throw new QueryException(
2fauth_1           |     672|                 $query, $this->prepareBindings($bindings), $e
2fauth_1           |     673|             );
2fauth_1           |     674|         }
2fauth_1           |     675|
2fauth_1           | 
2fauth_1           |       +51 vendor frames 
2fauth_1           |   52  artisan:37
2fauth_1           |       Illuminate\Foundation\Console\Kernel::handle(Object(Symfony\Component\Console\Input\ArgvInput), Object(Symfony\Component\Console\Output\ConsoleOutput))

Desktop (please complete the following information):

  • base image composer:2.0
  • Browser : Google Chrome 87.0.4280.141
  • Version : latest (commit hash: 4a9f73f6a1650d106b0844f2849b9cf091ca880c)

How to Start 2FAuth

Hi,
I followed all the installation steps on the github page and they all went smoothly.
My question is, how do I start 2FAuth? If it helps, I use Apache2 as my main web server.
Thank You

Enable / Serve 2Fauth over HTTPS

Hi. Again not the greatest question I guess but how do I enable/serve 2FAuth over HTTPS. I am using it with docker container and run it with following command:

sudo docker run -d -p 80:8000/tcp \
-v /home/ubuntu/2fauth:/2fauth 2fauth/2fauth

which serves it on port 80 and it is accessible on my domain, let's say abc.com (http://abc.com/).
I have also generated certificate for my domain using certbot/letsencrypt but when I try to access https://abc.com/ it simply doesn't load:
image
Can you please help with the configuration I am missing? Thanks.

Upload image issue

Hi,

Impossible to upload an icon.

2022/05/10 13:43:47 [crit] 46#46: *104 open() "/var/lib/nginx/tmp/client_body/0000000006" failed (13: Permission denied), client: 192.168.1.127, server: 2fauth, request: "POST /api/v1/icons HTTP/1.1", host: "xxxx.localdomain:8041", referrer: "http://xxxxxxx.localdomain:8041/account/2/edit"

How big should the image be? The format maybe?

Thank you

Error 500 when uploading picture file of QR code

Describe the bug
Error 500 when uploading picture file of QR code.
Scanning the QR code with my computer webcam or using the advanced form both work.

To Reproduce

  1. Sign in or register
  2. Click on New
  3. Click on Upload a QR code
  4. Pick a file

Expected behavior
The file should not result in a 500 error.

Video recording (600KB):

2021-07-30.10-38-36.mp4

Desktop (please complete the following information):

  • OS: Windows
  • Browser: Chromium
  • Version 90.0.4430.212 (Official Build) (64-bit)

Additional context

My 2fauth runs on a Docker image I designed with nginx (config) + php-fpm. Someone else installed 2fauth on a Debian virtual machine (without Docker) and it resulted in the same exact issue (and we did not communicate much on how to set it up either). So I doubt this is a setup issue, except perhaps an Nginx config issue?

I also don't know where to find server error logs, maybe you could enlighten me on this one?

As a side note, I worked on a Docker image which fully works apart from this bug. I'll make a PR to the repo once this bug is fixed. I can also set it up to cross build for ARM machines which would solve a bunch of issues on this repo 😉

Upload QR code in standard form returns a 422 missing uri field

Describe the bug
'Use a qrcode' feature in standard form does not fill the form and returns a HTTP 422 error

To Reproduce
Steps to reproduce the behavior:

  1. Open /account/create
  2. Click on Use a qrcode button

Expected behavior
The form is filled with decoded data from the uploaded image

Desktop (please complete the following information):
any

Smartphone (please complete the following information):
any

Docker Image throws 500

Describe the bug
While running the docker setup as described in the wiki section the 2FA server will spawn but while trying to connect to it the server throws 500 exceptions

To Reproduce
Steps to reproduce the behavior:

  1. Go to the wiki section
  2. Follow the steps to run it dockerized
  3. setup permissions
  4. use command docker run -it --rm -p 8000:8000/tcp \ -v $PWD/2fauth:/2fauth 2fauth/2fauth

Expected behavior
see the web interface of the application

Screenshots
2fa

Desktop (please complete the following information):

  • OS: Ubuntu 20 Server 20.4.3 LTS
  • Browser: Google Chrome

Additional context
Stack trace:

#0 /srv/vendor/laravel/framework/src/Illuminate/View/Compilers/BladeCompiler.php(143): Illuminate\View\Compilers\BladeCompiler->compileString()
#1 /srv/vendor/laravel/framework/src/Illuminate/View/Engines/CompilerEngine.php(51): Illuminate\View\Compilers\BladeCompiler->compile()
#2 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(139): Illuminate\View\Engines\CompilerEngine->get()
#3 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(122): Illuminate\View\View->getContents()
#4 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(91): Illuminate\View\View->renderContents()
#5 /srv/vendor/laravel/framework/src/Illuminate/Http/Response.php(62): Illuminate\View\View->render()
#6 /srv/vendor/laravel/framework/src/Illuminate/Http/Response.php(34): Illuminate\Http\Respo...PHP message: PHP Fatal error:  Uncaught Error: Call to undefined function Illuminate\View\Compilers\token_get_all() in /srv/vendor/laravel/framework/src/Illuminate/View/Compilers/BladeCompiler.php:232
Stack trace:
#0 /srv/vendor/laravel/framework/src/Illuminate/View/Compilers/BladeCompiler.php(143): Illuminate\View\Compilers\BladeCompiler->compileString()
#1 /srv/vendor/laravel/framework/src/Illuminate/View/Engines/CompilerEngine.php(51): Illuminate\View\Compilers\BladeCompiler->compile()
#2 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(139): Illuminate\View\Engines\CompilerEngine->get()
#3 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(122): Illuminate\View\View->getContents()
#4 /srv/vendor/laravel/framework/src/Illuminate/View/View.php(91): Illuminate\View\View->renderContents()
#5 /srv/vendor/laravel/framework/src/Illuminate/Http/Response.php(62): Illuminate\View\View->render()
#6 /srv/vendor/laravel/framework/src/Illuminate/H
172.16.20.162 - - [02/Sep/2021:10:55:36 +0000] "GET / HTTP/1.1" 500 5 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36"
172.16.20.162 - - [02/Sep/2021:10:55:37 +0000] "GET / HTTP/1.1" 500 5 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36"
2021/09/02 10:55:37 [error] 46#46: *1 FastCGI sent in stderr: "PHP message: PHP Fatal error:  Uncaught Error: Call to undefined function Illuminate\View\Compilers\token_get_all() in /srv/vendor/laravel/framework/src/Illuminate/View/Compilers/BladeCompiler.php:232

Long Service name pushes content out of viewport

Describe the bug
Accounts with long Service name are not handled correctly in Edit mode

To Reproduce
Steps to reproduce the behavior:

  1. Set an account with a long Service name
  2. Click Manage
  3. Reduce the viewport
  4. The Edit button and the handle are pushed out of the viewport

Expected behavior
Edit button and handle should stay in the viewport regardless of the Service length

Screenshots
Capture d’écran 2020-11-28 à 14 24 57

Google Authenticator - Transfer/Export accounts

Is your feature request related to a problem? Please describe.
When transferring/exporting TOTPs from Google Authenticator, the QR code is not being recognised. This is because the Google Authenticator export format is encoded; it can be decoded with a simple python script or this migration site, which is also open source and generates a QR code to scan afterwards.

Describe the solution you'd like
An integrated converter when recognising otpauth-migration://offline?data=... pattern from the QR code and import the profile automatically.

Describe alternatives you've considered
Using the simplified python script and manually add the TOTP to the 2fauth app or use the site and scan the resulting QR codes.

Additional context (scanned from Google Authenticator and then hold my fingers in front of the camera)

Capitalization of email address during login should not matter

Describe the bug
If the email address at login is not written in the exact same way as during sign-up then the login fails. Capitalization should not matter here.

To Reproduce
Steps to reproduce the behavior:

  1. Go to 2fauth instance
  2. Attempt to login with email address using different capitalization than during sign-up
  3. Login fails

Expected behavior
Capitalization should not render the email invalid.

Desktop (please complete the following information):

  • OS: Ubuntu 20.04
  • 2FAuth version: 2.0.0

Disable registration

Hi, would it be possible to disable registration for new users? I only want to use this for myself.

Group assignments for accounts with parentheses in the title do not work

Hi 👋

Describe the bug
When I try to assign an account with parentheses in the title to a group I get an error.

Account name: Brainstorm Force (Astra)
Error: 500 PATCH /api/group/accounts HTTP/1.0

I removed "(Astra)" from the title and then it worked.


A tiny improvement: The German translation for the "Create new group" button is "Neue Gruppe erstellen".

Expected behavior
It should also work with parentheses in the title.

(It's not important to me that this gets fixed.)
Thanks for this nice tool. 👍

Regards,
Mark

null "Default group" setting after group delete

Describe the bug
Default group setting is not reset if the selected group is deleted

To Reproduce
Steps to reproduce the behavior:

  1. Create a group
  2. Go to "Settings" and set the group as the default one
  3. Delete the group
  4. Return to "Settings"

Expected behavior
The Default group setting should be reset to No Group

Cannot delete a group with accounts (MySQL only)

Describe the bug
When 2Fauth is configured with MySQL as db, deleting a group which has 2FA accounts fails, error 500 returned.
No error with sqlite.

To Reproduce
Steps to reproduce the behavior:

  1. Create a group
  2. Switch to Manage view and move an account to the group
  3. Open the Manage group view
  4. Delete the group

Expected behavior
The group should be deleted

Screenshots
image

Additional context
Error message:

An error occured:

SQLSTATE[23000]: Integrity constraint violation: 1451 Cannot delete or update a parent row: a foreign key constraint fails (2fauth.twofaccounts, CONSTRAINT twofaccounts_group_id_foreign FOREIGN KEY (group_id) REFERENCES groups (id)) (SQL: delete from groups where id = 10)

Add support for Steam TOTP

Is your feature request related to a problem? Please describe.
Steam totp is currently not supported because it is 5 digits and is in letters instead of numbers.

Describe the solution you'd like
Support for steam's totp through the custom form with 5 digit pin of letters.

Describe alternatives you've considered
Bitwarden currently has support for this feature which may help with figuring out how to add support. https://community.bitwarden.com/t/question-about-steam-totp-codes/3513

Cannot select correct camera

Describe the bug
When scanning a QR Code there is no apparent way to select which camera to use. In general this is not a problem, but rather an inconvenience. However my surface book 2 automatically selects the infrared camera which does not see the qr code from any screen. I don't see any way to circumvent this except to disable the ir camera hardware (not wanted).

To Reproduce
Steps to reproduce the behavior:

  1. Go to 'https://instance'
  2. Click on 'Scan QR Code' -> 'https://instance/capture'
  3. Only option is cancel.

Expected behavior

  • A list of cameras to select from,
  • or a button to cycle through camera modes

Screenshots
Since no error occurs there is nothing in the logs or anything. It just doesn't scan anything. Screen only shows B/W IR sensor image.

Desktop:

  • OS: Windows 10 20H2
  • Browser: chrome
  • Version: 88

Smartphone:

  • Read Camera default (also not changeable but not a major issue)

Does it need internet connection when using the TOTP method?

Describe the bug
I'm using the docker installation, and when I try to add any code using the TOTP method, based in time, the generated code never works. Seems it's not synchronized or something like that.

Note: I register all the codes manually, because the docker bug (QR scanning) is still present.

Expected behavior
The generated code works.

Smartphone (please complete the following information):

  • OS: Android 11
  • Browser mozilla, chrome

Additional information
I have a 2FAuth instance (docker) installed locally (LAN), but with internet access. I access the service via VPN when I need it outside.
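On the question in the title above: TOTP (RFC 6238) derives the code from the shared secret and the current Unix time only, so no network call is involved, but a wrong clock on the generating host yields codes the verifier rejects. The sketch below is an added example, not 2FAuth's code; `clock_offset_steps` is a hypothetical helper that reports how many 30-second steps separate a code from the local clock, and the secret is the RFC 6238 test secret.

```python
import hashlib
import hmac
import struct

# Test secret from RFC 4226 / RFC 6238 (ASCII "12345678901234567890").
RFC_SECRET = b"12345678901234567890"


def hotp(secret, counter, digits=6):
    """RFC 4226 HOTP with HMAC-SHA1 and dynamic truncation."""
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def totp(secret, unix_time, period=30, digits=6):
    """RFC 6238 TOTP: HOTP where the counter is the number of elapsed periods."""
    return hotp(secret, int(unix_time) // period, digits)


def clock_offset_steps(secret, code, local_time, window=1, period=30):
    """Return k such that `code` is valid at local_time + k*period, or None.

    Hypothetical diagnostic helper: a non-zero k means the clock that
    produced `code` and the local clock disagree by about k periods.
    """
    base = int(local_time) // period
    for k in sorted(range(-window, window + 1), key=abs):
        if base + k < 0:
            continue
        candidate = hotp(secret, base + k, len(code))
        if hmac.compare_digest(candidate, code):
            return k
    return None


if __name__ == "__main__":
    # Constructed scenario: the code was generated at t=59 s, but the
    # checking host believes it is t=149 s (90 seconds ahead).
    code = totp(RFC_SECRET, 59)
    print("code at t=59:", code)
    print("accepted with +/-1 step:", clock_offset_steps(RFC_SECRET, code, 149, window=1))
    print("offset found with +/-3 steps:", clock_offset_steps(RFC_SECRET, code, 149, window=3))
```
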
