Skip to content

Commit

Permalink
Return recovery errors under the recovery_code key (#401)
Browse files Browse the repository at this point in the history
  • Loading branch information
@jessarcher
jessarcher authored Aug 15, 2022
1 parent 06c7a41 commit cde0612
Show file tree
Hide file tree
Showing 2 changed files with 9 additions and 5 deletions.
8 changes: 5 additions & 3 deletions src/Http/Responses/FailedTwoFactorLoginResponse.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -15,14 +15,16 @@ class FailedTwoFactorLoginResponse implements FailedTwoFactorLoginResponseContra
*/
public function toResponse($request)
{
$message = __('The provided two factor authentication code was invalid.');
[$key, $message] = $request->has('recovery_code')
? ['recovery_code', __('The provided two factor recovery code was invalid.')]
: ['code', __('The provided two factor authentication code was invalid.')];

if ($request->wantsJson()) {
throw ValidationException::withMessages([
'code' => [$message],
$key => [$message],
]);
}

return redirect()->route('two-factor.login')->withErrors(['code' => $message]);
return redirect()->route('two-factor.login')->withErrors([$key => $message]);
}
}
6 changes: 4 additions & 2 deletions tests/AuthenticatedSessionControllerTest.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -328,7 +328,8 @@ public function test_two_factor_challenge_fails_for_old_otp_and_zero_window()
]);

$response->assertRedirect('/two-factor-challenge')
->assertSessionHas('login.id');
->assertSessionHas('login.id')
->assertSessionHasErrors(['code']);
}

public function test_two_factor_challenge_can_be_passed_via_recovery_code()
Expand Down Expand Up @@ -380,7 +381,8 @@ public function test_two_factor_challenge_can_fail_via_recovery_code()
]);

$response->assertRedirect('/two-factor-challenge')
->assertSessionHas('login.id');
->assertSessionHas('login.id')
->assertSessionHasErrors(['recovery_code']);
$this->assertNull(Auth::getUser());
}

Expand Down

0 comments on commit cde0612

Please sign in to comment.