diff --git a/src/Http/Responses/FailedTwoFactorLoginResponse.php b/src/Http/Responses/FailedTwoFactorLoginResponse.php
index f81825ff..44cacfc3 100644
--- a/src/Http/Responses/FailedTwoFactorLoginResponse.php
+++ b/src/Http/Responses/FailedTwoFactorLoginResponse.php
@@ -15,14 +15,16 @@ class FailedTwoFactorLoginResponse implements FailedTwoFactorLoginResponseContra
 */
 public function toResponse($request)
 {
- $message = __('The provided two factor authentication code was invalid.');
+ [$key, $message] = $request->has('recovery_code')
+ ? ['recovery_code', __('The provided two factor recovery code was invalid.')]
+ : ['code', __('The provided two factor authentication code was invalid.')];

 if ($request->wantsJson()) {
 throw ValidationException::withMessages([
- 'code' => [$message],
+ $key => [$message],
 ]);
 }

- return redirect()->route('two-factor.login')->withErrors(['code' => $message]);
+ return redirect()->route('two-factor.login')->withErrors([$key => $message]);
 }
 }
diff --git a/tests/AuthenticatedSessionControllerTest.php b/tests/AuthenticatedSessionControllerTest.php
index f2ee9795..c997bfee 100644
--- a/tests/AuthenticatedSessionControllerTest.php
+++ b/tests/AuthenticatedSessionControllerTest.php
@@ -328,7 +328,8 @@ public function test_two_factor_challenge_fails_for_old_otp_and_zero_window()
 ]);

 $response->assertRedirect('/two-factor-challenge')
- ->assertSessionHas('login.id');
+ ->assertSessionHas('login.id')
+ ->assertSessionHasErrors(['code']);
 }

 public function test_two_factor_challenge_can_be_passed_via_recovery_code()
@@ -380,7 +381,8 @@ public function test_two_factor_challenge_can_fail_via_recovery_code()
 ]);

 $response->assertRedirect('/two-factor-challenge')
- ->assertSessionHas('login.id');
+ ->assertSessionHas('login.id')
+ ->assertSessionHasErrors(['recovery_code']);

 $this->assertNull(Auth::getUser());
 }
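Review bot: In `toResponse()` of src/Http/Responses/FailedTwoFactorLoginResponse.php, `$request->has('recovery_code')` is true whenever the field is present in the request, even when it is empty, so a failed authenticator code sent from a form that always posts both inputs would be reported under `recovery_code` with the recovery-code message. Whether the challenge form or an API client actually does that is not visible in this diff, but selecting on a non-empty value removes the mismatch: `[$key, $message] = $request->filled('recovery_code')`. The existing docblock, which starts outside the hunk, could also state that the error key mirrors the field the user submitted, since JSON consumers now have to handle two keys.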
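Review bot: The assertions added in tests/AuthenticatedSessionControllerTest.php (hunks at lines 328 and 381) exercise only the redirect branch; the `wantsJson()` branch, which now throws the `ValidationException` under `$key`, gets no assertion for the `recovery_code` key in the hunks shown. A JSON variant of `test_two_factor_challenge_can_fail_via_recovery_code` ending in `->assertJsonValidationErrors(['recovery_code'])` would pin it. A further case that posts an invalid `code` together with an empty `recovery_code` would fix which key is reported when both fields are present. Both test bodies start outside their hunks, so existing coverage elsewhere in the file cannot be ruled out from here.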