Prevented inadvertant logging during MFA flow

author Dan Brown <redacted>

Mon, 30 May 2022 17:31:08 +0000 (18:31 +0100)

committer Dan Brown <redacted>

Mon, 30 May 2022 17:31:08 +0000 (18:31 +0100)
author Dan Brown <redacted>
Mon, 30 May 2022 17:31:08 +0000 (18:31 +0100)
committer Dan Brown <redacted>
Mon, 30 May 2022 17:31:08 +0000 (18:31 +0100)
diff --git a/app/Exceptions/Handler.php b/app/Exceptions/Handler.php

index 317b011d87de92f3369d7b1b3a993efacdd1c864..187664f9ef7cf779c9f7e85321975e176f789d42 100644 (file)
--- a/app/Exceptions/Handler.php
+++ b/app/Exceptions/Handler.php
@@ -21,6 +21,7 @@ class Handler extends ExceptionHandler
       */
      protected $dontReport = [
          NotFoundException::class,
+        StoppedAuthenticationException::class,
      ];
  
      /**
diff --git a/tests/Auth/MfaVerificationTest.php b/tests/Auth/MfaVerificationTest.php

index 9a6106243241d00e8cfd9c95b493ae1a62a49d9d..7286a1de8b997ee5dbc0295ac841a4e13da1fb3b 100644 (file)
--- a/tests/Auth/MfaVerificationTest.php
+++ b/tests/Auth/MfaVerificationTest.php
@@ -241,6 +241,16 @@ class MfaVerificationTest extends TestCase
          }
      }
  
+    public function test_login_mfa_interception_does_not_log_error()
+    {
+        $logHandler = $this->withTestLogger();
+
+        [$user, $secret, $loginResp] = $this->startTotpLogin();
+
+        $loginResp->assertRedirect('/mfa/verify');
+        $this->assertFalse($logHandler->hasErrorRecords());
+    }
+
      /**
       * @return array<User, string, TestResponse>
       */
author	Dan Brown <redacted>
	Mon, 30 May 2022 17:31:08 +0000 (18:31 +0100)
committer	Dan Brown <redacted>
	Mon, 30 May 2022 17:31:08 +0000 (18:31 +0100)
app/Exceptions/Handler.php		patch \| blob \| history
tests/Auth/MfaVerificationTest.php		patch \| blob \| history