Seafile Pro 8.0.3 2FA broken?

I observed some potential errors with 2FA in Seafile Server Pro 8.0.3.

First, I had problems connecting with SeaDrive Client (2.0.13) from macOS. I had had the SeaDrive Client working for months over several server upgrades (7.x.x => 8.0.3) without problems or disconnects. Then, all of a sudden, it got disconnected, and when I tried to re-login, it kept asking for a 2FA code over and over again.

The logs showed:
… after entering user name and PW:
request failed for https://seafile..../api2/auth-token/: {"non_field_errors":["Two factor auth token is missing."]}

… and then after entering 2FA code in the prompt:
request failed for https://seafile..../api2/auth-token/: {"non_field_errors":["Two factor auth token is invalid."]}

… strangely enough. I tried re-installing SeaDrive and removing the user config folder ~/.seadrive, without success. I also tried one of the 10 static backup codes that are generated when 2FA is enabled, didn’t work either.

Then, I disabled 2FA for that user on the server. SeaDrive connected successfully. Ok, seemed like a bug of the SeaDrive client, I thought.

But when I re-enabled 2FA for that user, problems got worse. The 10 new static backup codes that were shown were all printed with a leading b' and trailing ', so Python bytes encoding, I assume.
Bildschirmfoto 2021-05-03 um 21.10.14

I logged out from that user and tried to re-logging in the browser using one of the static codes, with and without the b'...', neither worked.
Luckily, the temporary numeric 2FA code worked, otherwise my user would’ve been locked-out.

So, it looks to me as if there is a serious bug in Seafile Pro 8.0.3 that leads to wrong static 2FA codes being generated / printed to the user. I the 2FA device is lost / not available / destroyed / whatever, the account is locked out.

We will check the problem later.