Wordpress-ios: SIWA: Login silently fails after SIWA succeeds
iOS 13.1b1
WP app 13.2.0.3.11
Login failed. Presented with “Do you want to sign into WP with this account?”, hit Continue, authorized with FaceID, then taken straight back to login screen.
p77Llu-czj-p2/#comment-14571
astralbodies
All 9 comments
Second report with similar experience after enabling two-step auth on the existing wpcom account.
p77Llu-czj-p2/#comment-14576
astralbodies
on 31 Aug 2019
More reports with wpcom two-factor breaking SIWA:
p77Llu-czj-p2/#comment-14593
p77Llu-czj-p2/#comment-14599
astralbodies
on 31 Aug 2019
Report related to attempting to sign up for a new account:
- Had an account connected to Apple.
- Changed wpcom account email and disconnected in Calypso, but didn't disconnect on the Apple side.
- Attempted to log in again and it silently failed.
Ideally we could detect this case and present a message to the user explaining they need to disconnect on the Apple side to start over/create a new wpcom account.
p77Llu-czj-p2#comment-14578
rachelmcr
on 4 Sep 2019
Report related to changing the account password:
- Did SIWA on iOS to create account.
- On the web, set an account password.
- Logged out on iOS.
- Attempted SIWA on iOS again and it silently failed.
p77Llu-czj-p2#comment-14615
rachelmcr
on 4 Sep 2019
Another report with an unclear cause — this happened while trying SIWA with an Apple ID with an email address not associated with a WP.com account
p77Llu-czj-p2#comment-14618
rachelmcr
on 4 Sep 2019
Another report, this time after pressing the home button instead of using Touch ID:
p77Llu-czj-p2#comment-14642
rachelmcr
on 4 Sep 2019
With regard to the login endpoint for mobile /users/social/new, it's designed to return an error for 2FA accounts: code='2FA_enabled', message='This account is associated with a WordPress.com account which has Two-Step Authentication enabled'
How do we handle this case for Google? It should probably be the same thing
Tug
on 4 Sep 2019
I can confirm that on an account with 2FA enabled, the error in the app logs is the one mentioned above:
Apple Authenticator: signup failed. error: Error Domain=WordPressKit.WordPressComRestApiError Code=7 "This account is associated with a WordPress.com account which has Two-Step Authentication enabled." UserInfo={WordPressComRestApiErrorMessageKey=This account is associated with a WordPress.com account which has Two-Step Authentication enabled., NSLocalizedDescription=This account is associated with a WordPress.com account which has Two-Step Authentication enabled., WordPressComRestApiErrorCodeKey=2FA_enabled}
However, it looks like we never handled this case for Google logins in the app. Trying to log in to an existing 2FA account with Google returns the same error (displayed in the UI to the user):
This account is associated with a WordPress.com account which has Two-Step Authentication enabled.
Error alert added with https://github.com/wordpress-mobile/WordPress-iOS/pull/12468.
ScoutHarris
on 27 Sep 2019
Related issues
mindgraffiti
·
3Comments
designsimply
·
3Comments
ScoutHarris
·
3Comments
wptester9845
·
3Comments
kurzee
·
3Comments
Most helpful comment
I can confirm that on an account with 2FA enabled, the error in the app logs is the one mentioned above:
However, it looks like we never handled this case for Google logins in the app. Trying to log in to an existing 2FA account with Google returns the same error (displayed in the UI to the user):