The POST_verify_authy_installation after successful verification does not invoke record_authy_authentication method so some resources are not updated after very first time 2FA setup such as the last_sign_in_with_authy attribute on the model and the session["#{resource_name}_authy_token_checked"] session key.
This prevents one from using the session["user_authy_token_checked"] session key to check if user has been successfully verified/logged in with 2FA first-time.
The
POST_verify_authy_installation
after successful verification does not invokerecord_authy_authentication
method so some resources are not updated after very first time 2FA setup such as thelast_sign_in_with_authy
attribute on the model and thesession["#{resource_name}_authy_token_checked"]
session key.This prevents one from using the
session["user_authy_token_checked"]
session key to check if user has been successfully verified/logged in with 2FA first-time.PR to Fix for Issue #86