Hi,
I tried to ask a complex question which got no answers, so I’m trying to formulate it again.
Basically: I lost access to the web interface (even with the admin). This is most likely because one of the auth plugins is not working, namely, Duo Security (Two-step authentication), possibly because it has wrong credentials. That’s irrelevant, though: nobody can login, not even with REST (i.e. with Pydio Sync), mostly because once the login/password is accepted, Pydio is calling the auth plugin, which gives an error, and this is interpreted as not having any valid active repository. I know that this sounds a bit weird, but from what I could gather from the source code, this is my theory about what happens: the first auth plugin, which just asks for login and password from the DB, is working fine, and the authentication is accepted; but now Pydio has instructions to load another plugin to get access to the data, and when this second plugin is called, and fails, Pydio is left with a DB-authenticated user but without the knowledge if the default/active repository is accessible for that user or not… and ultimately fails:
Note the error coming from SecureTokenMiddleware.php, line 70 — this ought still be calling the Duo Security plugin, which I don’t want to, and therefore it fails.
A similar error was reported in the past without answer.
Note that I can comment out the exception on SecureTokenMiddleware.php and get rid of the error. This still doesn’t work, because Pydio is expecting the Duo Security to provide it with a valid workspace; as a consequence, the user gets logged in, but the page remains empty, since there is no active workspace. By ‘empty’ I really mean empty; I have no access to anything at all and thus cannot turn off the Duo Security plugin from the web interface.
So, how do I accomplish the same thing manually, i.e. either from the command line interface, changing the DB manually, or by tweaking any configuration files?
