Changing allauth/layouts/base.html causing mfa not to authenticate about django-allauth HOT 6 CLOSED

MFA attempts are rate limitted, though you will get a clear "too many login attempts" error, not "incorrect code".

from django-allauth.

Ok, I've narrowed the issue down to when allauth/layouts/base.html is changed to extending my base.html, the code isn't read properly in the activation process. Everything else seems to work.

I've included my base.html, is there anything that you can see that would interfere with mfa? I've confirmed that the form being used is exactly the same as the default mfa activation form.

I even confirmed that my changed, styled mfa activation form isn't the issue, as I used it and replaced my base.html with the default allauth/layouts/base.html and it worked perfectly.

Base.html:
https://codefile.io/f/g72BVcHUNI

from django-allauth.

Update:

It seems like if I remove the blank favicons links near the top of the page, the authenticator app works perfectly... I'm just at a complete loss as to why

from django-allauth.

There is a feature that automatically purges the session when you navigate away from the MFA signin page. Perhaps that is somehow interfering? So, you have the MFA signin page in front of you and you then navigate to any other page, the MFA session is gone. Now, in earlier versions there was an issue where this even happened if a favicon.ico was requested, but that has been fixed. What version are you on?

from django-allauth.

I'm on version 0.58.2

from django-allauth.

Having a blank favicon is incorrect. It causes your browser to make a regular request with a text/html response, which the middleware interprets as navigating away from the MFA page.

from django-allauth.