i18n

[alec-c4]

Hey, there is a little bit of strange behavior. When I sign in using devise-two-factor I see devise.failure.already_authenticated message. What's wrong with it?

[hoppergee]

https://github.com/heartcombo/devise/blob/main/app/controllers/devise_controller.rb#L102-L118
There's only one method is using this message: require_no_authentication. Check your code whether this method is being misused in the controller.

[zachbodek]

I get the same issue. Did you find a resolution for it?

[hoppergee]

zachbodek

Can you offer a sample code to help to reproduce this issue?

[zachbodek]

I followed along with this guide that allows OTP to be its own page.

[dcorking]

I have been able to reproduce this issue with the sample app mentioned by @zachbodek : https://github.com/jamesridgway/devise-otp-second-step

(The sample session controller hook is here: https://github.com/jamesridgway/devise-otp-second-step/blob/master/app/controllers/concerns/authenticate_with_otp_two_factor.rb )

[dcorking]

There is a solution that fixes this issue in the sample app at jamesridgway/devise-otp-second-step#24

It doesn't seem to be specific to devise-two-factor, and rather is caused by the overall approach the sample app uses to a two-step authentication in devise.