From 20242526f744e0d499ef16c1e3b95a9128341390 Mon Sep 17 00:00:00 2001
From: Pavlo Kulyk
Date: Fri, 15 May 2026 10:59:59 +0300
Subject: [PATCH 1/7] fix: update error response for failed verification to include status code
---
 index.ts | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/index.ts b/index.ts
index 2fc4035..a14d9d3 100644
--- a/index.ts
+++ b/index.ts
@@ -601,7 +601,8 @@ export default class TwoFactorsAuthPlugin extends AdminForthPlugin {
 this.adminforth.auth.setAuthCookie({expireInDuration: decoded.sessionDuration, response, username:decoded.userName, pk:decoded.pk})
 return { status: 'ok', allowedLogin: true }
 } else {
- return {error: 'Verification failed'}
+ response.status = 403;
+ return {error: 'Verification failed', }
 }
 }
 }
From 91f945f328e7d7e6c789c1760a26072ccddfa5f4 Mon Sep 17 00:00:00 2001
From: Pavlo Kulyk
Date: Fri, 15 May 2026 11:07:06 +0300
Subject: [PATCH 2/7] fix: update response status handling for verification failure to use setStatus method
---
 index.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/index.ts b/index.ts
index a14d9d3..e3c8d31 100644
--- a/index.ts
+++ b/index.ts
@@ -601,7 +601,7 @@ export default class TwoFactorsAuthPlugin extends AdminForthPlugin {
 this.adminforth.auth.setAuthCookie({expireInDuration: decoded.sessionDuration, response, username:decoded.userName, pk:decoded.pk})
 return { status: 'ok', allowedLogin: true }
 } else {
- response.status = 403;
+ response.setStatus(403, 'Forbidden');
 return {error: 'Verification failed', }
 }
 }
From 84e093c8ffb83b1759d4af780fcc88484b20457f Mon Sep 17 00:00:00 2001
From: Pavlo Kulyk
Date: Fri, 15 May 2026 11:24:19 +0300
Subject: [PATCH 3/7] fix: simplify error response for verification failure by removing redundant message
---
 index.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/index.ts b/index.ts
index e3c8d31..c593a73 100644
--- a/index.ts
+++ b/index.ts
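Review bot: The failure branch in patch 1 (the `else` that now sets the 403) returns straight away, and nothing visible in the hunk counts, delays or logs the rejected attempt. The enclosing handler starts and ends outside the hunk, so a limiter may already exist; if it does not, a short numeric code can be retried for as long as whatever `decoded` was derived from stays valid. Worth confirming that failed verifications are rate-limited per `decoded.pk` and written to the audit log before this return, and leaving a marker such as `// TODO(security): throttle and audit failed 2FA attempts for decoded.pk` until that is verified. The same branch is touched again in patches 2, 3 and 6.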
@@ -601,7 +601,7 @@ export default class TwoFactorsAuthPlugin extends AdminForthPlugin { this.adminforth.auth.setAuthCookie({expireInDuration: decoded.sessionDuration, response, username:decoded.userName, pk:decoded.pk}) return { status: 'ok', allowedLogin: true } } else { - response.setStatus(403, 'Forbidden'); + response.setStatus(403); return {error: 'Verification failed', } } } From 43a505c182119768bfd452dfc85153dd3414c2f4 Mon Sep 17 00:00:00 2001 From: Pavlo Kulyk Date: Fri, 15 May 2026 11:48:34 +0300 Subject: [PATCH 4/7] fix: enhance error handling for passkey creation with specific messages for different error types --- custom/TwoFactorsPasskeysSettings.vue | 14 +++++++++++++- 1 file changed, 13 insertions(+), 1 deletion(-) diff --git a/custom/TwoFactorsPasskeysSettings.vue b/custom/TwoFactorsPasskeysSettings.vue index 13ad133..5614af6 100644 --- a/custom/TwoFactorsPasskeysSettings.vue +++ b/custom/TwoFactorsPasskeysSettings.vue @@ -241,7 +241,19 @@ return JSON.stringify((credential as PublicKeyCredential).toJSON()); } catch (error) { console.error(t('Error creating WebAuthn credential:', error)); - adminforth.alert({ message: t('Error creating passkey.'), variant: 'warning' }); + + let message = t('Failed to create passkey.'); + + if (error?.name === 'InvalidStateError') { + message = t('A passkey for this account already exists on this device.'); + } + + if (error?.name === 'NotSupportedError') { + message = t('Passkeys are not supported on this device or browser.'); + } + + adminforth.alert({ message, variant: 'danger'}); + return null; } } From 651adef561755ca3ce5b2e19567a488c55253659 Mon Sep 17 00:00:00 2001 From: Pavlo Kulyk Date: Fri, 15 May 2026 11:51:23 +0300 Subject: [PATCH 5/7] fix: add new case for error --- custom/TwoFactorsPasskeysSettings.vue | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/custom/TwoFactorsPasskeysSettings.vue b/custom/TwoFactorsPasskeysSettings.vue index 5614af6..492afb5 100644 
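Review bot: In patch 4, the `console.error(t('Error creating WebAuthn credential:', error));` line just above the new branching passes `error` as the second argument to `t(...)` rather than to `console.error`, so the exception itself probably never reaches the console (assuming `t` treats its second argument as interpolation parameters). That matters more after this change, because any name other than the ones handled here, for example a `SecurityError` from an origin or RP ID mismatch, now surfaces only as the generic 'Failed to create passkey.' text with no diagnostic behind it. Suggest `console.error(t('Error creating WebAuthn credential:'), error);`. The independent `if`s on `error?.name` would also read more clearly as an `else if` chain; the enclosing function starts outside the hunk.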
--- a/custom/TwoFactorsPasskeysSettings.vue +++ b/custom/TwoFactorsPasskeysSettings.vue @@ -248,6 +248,10 @@ message = t('A passkey for this account already exists on this device.'); } + if (error?.name === 'NotAllowedError') { + message = t('Passkey creation was cancelled.'); + } + if (error?.name === 'NotSupportedError') { message = t('Passkeys are not supported on this device or browser.'); } From 520f7fd6482325c98796a39da2974755a9f6ac90 Mon Sep 17 00:00:00 2001 From: Pavlo Kulyk Date: Fri, 15 May 2026 14:05:51 +0300 Subject: [PATCH 6/7] fix: update error message for verification failure to specify wrong or expired TOTP code --- index.ts | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/index.ts b/index.ts index c593a73..3000595 100644 --- a/index.ts +++ b/index.ts @@ -602,7 +602,7 @@ export default class TwoFactorsAuthPlugin extends AdminForthPlugin { return { status: 'ok', allowedLogin: true } } else { response.setStatus(403); - return {error: 'Verification failed', } + return {error: 'Wrong or expired TOTP code', } } } } From cdc90b0a7646a6eebc029292b8fa974fdf9c0871 Mon Sep 17 00:00:00 2001 From: Pavlo Kulyk Date: Fri, 15 May 2026 15:44:25 +0300 Subject: [PATCH 7/7] fix: change alert variant to 'danger' for timeout or not allowed operation --- custom/utils.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/custom/utils.js b/custom/utils.js index 63ccf6d..997230f 100644 --- a/custom/utils.js +++ b/custom/utils.js @@ -122,7 +122,7 @@ codeError.value = t('A previous passkey attempt was still pending. Please try again.'); return null; } else if (name === 'NotAllowedError') { - adminforth.alert({ message: `The operation either timed out or was not allowed`, variant: 'warning' }); + adminforth.alert({ message: `The operation either timed out or was not allowed`, variant: 'danger' }); codeError.value = 'The operation either timed out or was not allowed.'; return null; } else {
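Review bot: `NotAllowedError`, handled by the `if` added in patch 5, is not only a user cancellation: WebAuthn deliberately reports timeouts and permission or policy refusals under the same name, so 'Passkey creation was cancelled.' will be wrong in some cases. `custom/utils.js` in patch 7 already words the same error as 'The operation either timed out or was not allowed', and the two messages should agree, e.g. `message = t('Passkey creation was cancelled, timed out or not allowed.');`. The surrounding catch block starts and ends outside the hunk.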
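Review bot: `'Wrong or expired TOTP code'` in patch 6 is accurate only if this `else` is reached exclusively for TOTP checks; the matching `if` is outside the hunk, and the plugin also ships passkey UI (`custom/TwoFactorsPasskeysSettings.vue`). If a failed passkey assertion can land in this branch too, keep a neutral message or branch on the verification method. The stray `, }` left over from patch 1 can go at the same time: `return { error: 'Wrong or expired TOTP code' };`.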
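Review bot: The changed `adminforth.alert` line in patch 7 still hard-codes its English text in a template literal with no interpolation, while the branch directly above it goes through `t(...)`. Suggest `adminforth.alert({ message: t('The operation either timed out or was not allowed'), variant: 'danger' });` and the same treatment for the `codeError.value` assignment on the next line, which differs only by a trailing period; one shared string avoids the two drifting apart. The surrounding if/else chain continues outside the hunk.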