Does not patch rest api

[Vindfrisk]

Not sure if you intended to also patch this? Anyhow you cant create REST tokens because of 2fa limitation. See response below.

{
    "message": "Please ask an administrator with sufficient access to configure 2FA first",
    "trace": "#0 [internal function]: Magento\\TwoFactorAuth\\Model\\AdminAccessTokenService->createAdminAccessToken()\n#1 /var/www/magento2/vendor/magento/module-webapi/Controller/Rest/SynchronousRequestProcessor.php(95): call_user_func_array()\n#2 /var/www/magento2/vendor/magento/module-webapi/Controller/Rest.php(188): Magento\\Webapi\\Controller\\Rest\\SynchronousRequestProcessor->process()\n#3 /var/www/magento2/vendor/magento/framework/Interception/Interceptor.php(58): Magento\\Webapi\\Controller\\Rest->dispatch()\n#4 /var/www/magento2/vendor/magento/framework/Interception/Interceptor.php(138): Magento\\Webapi\\Controller\\Rest\\Interceptor->___callParent()\n#5 /var/www/magento2/vendor/magento/framework/Interception/Interceptor.php(153): Magento\\Webapi\\Controller\\Rest\\Interceptor->Magento\\Framework\\Interception\\{closure}()\n#6 /var/www/magento2/generated/code/Magento/Webapi/Controller/Rest/Interceptor.php(26): Magento\\Webapi\\Controller\\Rest\\Interceptor->___callPlugins()\n#7 /var/www/magento2/vendor/magento/framework/App/Http.php(116): Magento\\Webapi\\Controller\\Rest\\Interceptor->dispatch()\n#8 /var/www/magento2/generated/code/Magento/Framework/App/Http/Interceptor.php(24): Magento\\Framework\\App\\Http->launch()\n#9 /var/www/magento2/vendor/magento/framework/App/Bootstrap.php(263): Magento\\Framework\\App\\Http\\Interceptor->launch()\n#10 /var/www/magento2/pub/index.php(40): Magento\\Framework\\App\\Bootstrap->run()\n#11 {main}"
}

[markshust]

Thanks for the issue report @Vindfrisk. Yes, I'll keep this issue open and will take any PR's that make this work. I would think this module should disable any functionality of 2FA no matter where it is.

[zeeshan2523806]

@markshust @Vindfrisk do you guyz have any luck with it ? If not then i can create the patch and submit PR for it ?

[markshust]

Just left a comment on the commit that just came in a few hours ago. Once I can test this and verify code is working, I can bring this in.

[simonmaass]

We are having the same issue. Any update on this?

[markshust]

Hi @simonmaass -- this is my first day back from a little break. I'll be spending the next couple weeks on open source stuff, so will be testing this out and merging it in shortly (hopefully within the next few hours).

[markshust]

Issue confirmed on 2.4.1. Testing out PR/commit.

[markshust]

Merged this PR, and also made some styling/coding updates on the other files to keep things consistent with the coding recommendations I made. Tagged as version 1.1.0.

[simonmaass]

@markshust thank you for the fast implementation!

[simonmaass]

@markshust If I try to enable it for the API i get the following error:

[royduin]

Got the same error, but just putting twofactorauth/general/enable_for_api_token_generation with value 0 into core_config_data seems to work.

[markshust]

Thanks for this report & info @royduin -- I'll re-open this ticket so we can fix this.

[markshust]

Whoah - this ticket has been sitting here for a while 😅

I really don't want to disable 2FA for API token generation by default, as I think it should be retained enabled for security purposes.

But it appears this error is occurring only when "Enable 2FA" is set to No, and "Enable 2FA for API Token Generation" is set to Yes. Is this correct?

If so, what do you think would be the best way to handle this situation?

[CalamityJames]

But it appears this error is occurring only when "Enable 2FA" is set to No, and "Enable 2FA for API Token Generation" is set to Yes. Is this correct?

This is indeed what happens, for anyone who wants to work around it for the time being, you can do it via the CLI:

bin/magento config:set twofactorauth/general/enable_for_api_token_generation 0