Prevented inadvertant logging during MFA flow

- Added StoppedAuthenticationException to dontReport list. - Added test to cover. Closes #3468
2024-07-05 02:51:32 +00:00 · 2022-05-30 18:31:08 +01:00 · 2022-05-30 18:31:08 +01:00 · 16e023985d
commit 16e023985d
parent 43cbab2822
2 changed files with 11 additions and 0 deletions
--- a/app/Exceptions/Handler.php
+++ b/app/Exceptions/Handler.php
@ -21,6 +21,7 @@ class Handler extends ExceptionHandler
     */
    protected $dontReport = [
        NotFoundException::class,
+        StoppedAuthenticationException::class,
    ];

    /**
--- a/tests/Auth/MfaVerificationTest.php
+++ b/tests/Auth/MfaVerificationTest.php
@ -241,6 +241,16 @@ class MfaVerificationTest extends TestCase
        }
    }

+    public function test_login_mfa_interception_does_not_log_error()
+    {
+        $logHandler = $this->withTestLogger();
+
+        [$user, $secret, $loginResp] = $this->startTotpLogin();
+
+        $loginResp->assertRedirect('/mfa/verify');
+        $this->assertFalse($logHandler->hasErrorRecords());
+    }
+
    /**
     * @return array<User, string, TestResponse>
     */