Closed DannyBen closed 4 years ago
Thanks for opening the issue. I will take a look at this as soon as I can. You definitely seem right that this should not be used twice and not until the user has fully enabled 2FA.
Thank you. I think the success flash can just be removed from the first (save user) operation. In this case, the simplest solution seems to also be the best.
Thank you!
It seems like this flash message:
Is used in two places, which are different.
I believe there should be no flash message after registering the user, since we already are redirected to the next page to proceed with the validation process.
In any case, I do not understand how nobody complained about it so far - unless I missed something, this is sending users the wrong information, without the developer's ability to update (i.e. cannot edit the locale text, since it is used in two contexts - one correct, one not).
I believe the offending code is here: https://github.com/twilio/authy-devise/blob/cc38aa4bb2018e5f0f193604b14bae96009c9eb7/app/controllers/devise/devise_authy_controller.rb#L59-L66