Hi,

I recently upgraded our wiki from 1.29.1 to 1.35.2, and I enabled some new extensions along the way. One of these was OATHAuth. Since the upgrade, I have had about 5 different users complain that they were being prompted for a 2FA code despite never having set it up. I did a bit of digging in the database and found that none of the user IDs matched the IDs in the oathauth_users table, and I'm currently under the impression that those should be user IDs. We do use CentralAuth, as we have multiple wikis, but neither the global nor local IDs matched up. I'm not sure if we've hit a bug or if I'm misinterpreting what that field is supposed to represent, but I was hoping someone could help point me in the right direction. I've had to disable the extension because it was preventing legitimate logins, but we would like to have it enabled if we can fix this.