second factor type is not stored in history in case of a 2FA failure
Summary
If you add the _2f
session variable to sessionDataToRemember
, you will only see the _2f variable in your login history if it succeeded
1FA failure:
# 'failedLogin' => [
# {
# '_auth' => 'Demo',
# ...
# },
2FA failure:
# 'failedLogin' => [
# {
# '_auth' => 'Demo',
# '_2f' => undef,
# ...
# },
Design proposition
We should set the _2f variable even if 2FA failed, so it can be displayed in history