Upgrading to 2FAuth v8
Hight Impact Changes
OAuth Key files permissions
The component responsible of the authentication process (Passport) now validates the permissions of key files on supported operating systems. The Docker image as well as the installation wizard of 2FAuth v8 already apply the necessary changes automatically but you may face an error page, though.
If you upgrade manually, run the following command at the end of your upgrade process:
php artisan 2fauth:fix-passport-key-permissions
Possible Docker issue
When using Docker, you may encounter the following error: chmod(): Operation not permitted. This is probably because the ownership of the key files is not correct.
Ensure the /storage/oauth-private.key and /storage/oauth-public.key files stored in the directory of your bound volume are owned by user:group 1000:1000.
You may also change the file permissions manually:
oauth-private.keypermissions must be set to0660oauth-public.keypermissions must be set to0600
Authentication proxy must be trusted
If you are using an authentication proxy in front of 2FAuth (meaning you have AUTHENTICATION_GUARD=reverse-proxy-guard in your environment variables), you must now declared this proxy as trusted.
Set (or complete) the TRUSTED_PROXIES environment variable with the address of your authentication proxy.
Medium Impact Changes
Personal Access Tokens invalidation
The way authentication tokens are generated has changed due to an update to one of the underlying components, so all your personal access tokens created using 2FAuth v7 or an earlier version will become invalid. They will no longer be visible in Settings > OAuth > Personal Access Token.
You will have to create new tokens.
Low Impact Changes
New environment variables
The new PHP_MEMORY_LIMIT_TEMP_OVERRIDE environment variable lets you control the maximum amount of memory PHP can consume temporarily during QR Code detection operations.
See PHP_MEMORY_LIMIT_TEMP_OVERRIDE.