[GH-ISSUE #1307] Latest Release Two Factor - Unauthorized #6348

New Issue

Closed

opened 2026-04-20 16:56:24 -05:00 by GiteaMirror · 5 comments

GiteaMirror commented 2026-04-20 16:56:24 -05:00

Owner

Copy Link

Originally created by @Novanglus96 on GitHub (Aug 18, 2025).
Original GitHub issue: https://github.com/go-vikunja/vikunja/issues/1307

Description

There was a new release pushed to the docker hub in the last 24 hours. After updating to that version, I get Unauthorized errors for any changes I attempt to make, i.e. closing Tasks, Creating Tasks, etc. It appears to be an issue with Two Factor Authorization as I had that turned on prior to the update and when viewing two factor in Settings, it has en enroll option as if it is not setup.

I can confirm that rolling back to verison 0.24.6 allows me to login and authenticate with two factor, but then I get db errors since apparently there were db scheme changes with the lastest version.

Vikunja Version

Latest

Browser and version

Chrome

Can you reproduce the bug on the Vikunja demo site?

Yes

Screenshots

No response

Originally created by @Novanglus96 on GitHub (Aug 18, 2025). Original GitHub issue: https://github.com/go-vikunja/vikunja/issues/1307 ### Description There was a new release pushed to the docker hub in the last 24 hours. After updating to that version, I get Unauthorized errors for any changes I attempt to make, i.e. closing Tasks, Creating Tasks, etc. It appears to be an issue with Two Factor Authorization as I had that turned on prior to the update and when viewing two factor in Settings, it has en enroll option as if it is not setup. I can confirm that rolling back to verison 0.24.6 allows me to login and authenticate with two factor, but then I get db errors since apparently there were db scheme changes with the lastest version. ### Vikunja Version Latest ### Browser and version Chrome ### Can you reproduce the bug on the Vikunja demo site? Yes ### Screenshots _No response_

GiteaMirror closed this issue 2026-04-20 16:56:25 -05:00

GiteaMirror commented 2026-04-20 16:56:26 -05:00

Author

Owner

Copy Link

@kolaente commented on GitHub (Aug 18, 2025):

Likely not a problem with the two factor auth. Please confirm that your problem is not one of these:

• https://github.com/go-vikunja/vikunja/issues/1303
• https://github.com/go-vikunja/vikunja/issues/1306

<!-- gh-comment-id:3197312095 --> @kolaente commented on GitHub (Aug 18, 2025): Likely not a problem with the two factor auth. Please confirm that your problem is not one of these: - https://github.com/go-vikunja/vikunja/issues/1303 - https://github.com/go-vikunja/vikunja/issues/1306

GiteaMirror commented 2026-04-20 16:56:26 -05:00

Author

Owner

Copy Link

@Novanglus96 commented on GitHub (Aug 18, 2025):

It is similar to 1306 but I also haven't changed any settings. I do not use authentik so 1303 doesn't apply to me. I also haven't changed any config settings, and I did not intend to update to a rc release. I was using the latest tag so not sure how I would end up with a rc build. Is there a way to roll back to 0.24.6 safely?

<!-- gh-comment-id:3197445790 --> @Novanglus96 commented on GitHub (Aug 18, 2025): It is similar to 1306 but I also haven't changed any settings. I do not use authentik so 1303 doesn't apply to me. I also haven't changed any config settings, and I did not intend to update to a rc release. I was using the latest tag so not sure how I would end up with a rc build. Is there a way to roll back to 0.24.6 safely?

GiteaMirror commented 2026-04-20 16:56:27 -05:00

Author

Owner

Copy Link

@Novanglus96 commented on GitHub (Aug 18, 2025):

An interesting note as well, that if I am already logged in, I can view and navigate without issue. It's just updates that trigger the Unauthorized error.

<!-- gh-comment-id:3197450059 --> @Novanglus96 commented on GitHub (Aug 18, 2025): An interesting note as well, that if I am already logged in, I can view and navigate without issue. It's just updates that trigger the Unauthorized error.

GiteaMirror commented 2026-04-20 16:56:27 -05:00

Author

Owner

Copy Link

@kolaente commented on GitHub (Aug 18, 2025):

Did you set a publicurl?

You can pin your docker configuration to 0.24.6. Rolling back is not really supported though, you'll need to restore a backup and switch to the old version.

<!-- gh-comment-id:3197455622 --> @kolaente commented on GitHub (Aug 18, 2025): Did you set a publicurl? You can pin your docker configuration to `0.24.6`. Rolling back is not really supported though, you'll need to restore a backup and switch to the old version.

GiteaMirror commented 2026-04-20 16:56:28 -05:00

Author

Owner

Copy Link

@Novanglus96 commented on GitHub (Aug 18, 2025):

I did not have a publicurl set, just a frontend url. Adding VIKUNJA_SERVICE_PUBLICURL to my config worked!

Thanks!

<!-- gh-comment-id:3197485655 --> @Novanglus96 commented on GitHub (Aug 18, 2025): I did not have a publicurl set, just a frontend url. Adding VIKUNJA_SERVICE_PUBLICURL to my config worked! Thanks!

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

feat-v2-foundation

spike-huma-openapi3

claude/investigate-swagger3-support-nyyUa

feat-list-view-buckets

ci-mysql-8-test

codex/analyze-codebase-for-email-task-feature

feat-project-templates

csv-import-feature

claude/email-reply-comments-wpdcQ

fix-oidc-pkce-support

fix/overview-subtasks-expand

feat/bucket-select-task-detail

feat-soft-delete-projects

claude/review-bot-design-plan-cf5C3

claude/project-scoped-api-tokens-KTqR3

claude/explore-openclaw-integration-KQEzg

claude/project-scoped-api-tokens-yv5KS

fix-duplicate-close-button

feat-list-view-sorting

feat/official-vite-sentry-plugin

feat/highlight-overdue-tasks

feat/add-enter-key-form-submission-handling

feat/TipTap-nits

feat/update-caldavtimetotimestamp-parsing

feat-phosphor-icons

wip-plans

claude/investigate-issue-2173-llKme

fix-description-text-drag

feat-custom-keyboard-shortcuts

pr-1845-ci

codex/fix-drag-and-drop-behavior-inconsistency

copilot/add-clickable-labels-for-filtering

copilot/fix-issue-1786

playwright-migration

fix-kanban-repeating-wip

copilot/fix-1498

feature/replace-axios

codex/upgrade-to-tailwind-4.1.8-using-pnpm

codex/add-cypress-test-for-avatar-types

feature/biome

feature/oxc

codex/update-flexsearch-to-0.8.205

4r6ni9-codex/fix-deprecated-sass-@import-usage

codex/fix-deprecated-sass-@import-usage

codex/add-cypress-test-for-task-list-refresh-fix

codex/fix-quick-add-magic-not-adding-tasks

codex/fix-all-type-errors

codex/fix-mimetype-for-docs.json

feature/caldav-from-scratch

feature/gh-actions-hetzner

fix-ci

feat/new-logger

jyte-better-dev-config

feat/add-team-member-with-enter

fix/button-and-icon-types

fix/notifications-component-name-collision

feature/null-time

renovate/tailwindcss-4.x

feature/unplugin-vue-router

fix/deprecated-import

feature/zod-schema

renovate/golangci-golangci-lint-1.x

fix/tiptap-editor-reactive-destructuring

release/0.24

feat/improve-add-task

fix/saved-filter-search

feat/webp-and-avif-attachment-previews

feature/migrate-back-to-bulma

fix/sass-add-missing-list-import

feature/sticky-demo-bar

fix/gantt-view-switch

feature/typesense-position-join

feature/focus-visible

dependencies/golangci-lint

feature/better-filter-syntax

fix/tiptap-task-list

renovate/github.com-golang-jwt-jwt-v4-5.x

feature/hide-forbidden-related-tasks

renovate/golang-1.x

release/0.20

release/0.17

release/0.16

release/0.15

release/0.14

v2.3.0

v2.2.2

v2.2.1

v2.2.0

v2.1.0

v2.0.0

v1.1.0

v1.0.0

v1.0.0-rc4

v1.0.0-rc3

v1.0.0-rc2

v1.0.0-rc1

v1.0.0-rc0

v0.24.6

v0.24.5

v0.24.4

v0.24.3

v0.24.2

v0.24.1

v0.24.0

v0.23.0

v0.22.1

v0.22.0

0.21.0

v0.21.0

v0.20.4

v0.20.5

v0.20.3

v0.20.2

v0.20.1

v0.20.0

v0.19.2

v0.19.1

v0.19.0

vue3

v0.18.1

v0.18.0

v0.17.1

v0.17.0

v0.16.1

v0.16.0

v0.15.1

v0.15.0

v0.14.1

v0.14.0

v0.13.1

v0.13

v0.12

v0.11

v0.10

v0.9

v0.8

v0.7

v0.6

v0.5

v0.4

v0.3

v0.2

v0.1

Labels

Clear labels

area/api

area/attachments

area/auth

area/avatars

area/backup-restore

area/caldav

area/calendar-view

area/comments

area/config

area/database

area/desktop

area/docker

area/email

area/favorites

area/filters

area/frontend

area/gantt

area/i18n

area/import-export

area/internal-code

area/kanban

area/labels

area/list-view

area/mobile

area/notifications

area/permissions

area/projects

area/pwa

area/recurring-tasks

area/reminders

area/search

area/shortcuts

area/subtasks

area/sync

area/table-view

area/task-editor

area/task-metadata

area/task-relations

area/teams

area/theming

area/time-tracking

area/typesense

area/views

area/webhooks

bug

changes requested

concern/accessibility

concern/performance

concern/regression

concern/ux

confirmed

db/mysql

dependencies

enhancement

good first issue

help wanted

integration/inbound

integration/outbound

kind/bug

kind/feature

needs reproduction

pull-request

Mirrored from GitHub Pull Request

question

security

support

upstream issue

waiting for reply

wontfix

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/vikunja#6348