diff --git a/src/main/java/io/supertokens/webserver/api/totp/VerifyTotpAPI.java b/src/main/java/io/supertokens/webserver/api/totp/VerifyTotpAPI.java index 0d3c89282..15e8db621 100644 --- a/src/main/java/io/supertokens/webserver/api/totp/VerifyTotpAPI.java +++ b/src/main/java/io/supertokens/webserver/api/totp/VerifyTotpAPI.java @@ -80,8 +80,8 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I result.addProperty("status", "INVALID_TOTP_ERROR"); super.sendJsonResponse(200, result, resp); if (getVersionFromRequest(req).greaterThanOrEqualTo(SemVer.v4_1)) { - result.addProperty("currentNumberOfAttempts", e.currentAttempts); - result.addProperty("maxNumberOfAttempts", e.maxAttempts); + result.addProperty("currentNumberOfFailedAttempts", e.currentAttempts); + result.addProperty("maxNumberOfFailedAttempts", e.maxAttempts); } } catch (UnknownTotpUserIdException e) { result.addProperty("status", "UNKNOWN_USER_ID_ERROR"); @@ -90,8 +90,8 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I result.addProperty("status", "LIMIT_REACHED_ERROR"); result.addProperty("retryAfterMs", e.retryAfterMs); if (getVersionFromRequest(req).greaterThanOrEqualTo(SemVer.v4_1)) { - result.addProperty("currentNumberOfAttempts", e.currentAttempts); - result.addProperty("maxNumberOfAttempts", e.maxAttempts); + result.addProperty("currentNumberOfFailedAttempts", e.currentAttempts); + result.addProperty("maxNumberOfFailedAttempts", e.maxAttempts); } super.sendJsonResponse(200, result, resp); } catch (StorageQueryException | StorageTransactionLogicException | FeatureNotEnabledException | diff --git a/src/main/java/io/supertokens/webserver/api/totp/VerifyTotpDeviceAPI.java b/src/main/java/io/supertokens/webserver/api/totp/VerifyTotpDeviceAPI.java index d09d36cdc..7a562d51b 100644 --- a/src/main/java/io/supertokens/webserver/api/totp/VerifyTotpDeviceAPI.java +++ b/src/main/java/io/supertokens/webserver/api/totp/VerifyTotpDeviceAPI.java @@ -86,16 +86,16 @@ protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws I result.addProperty("status", "INVALID_TOTP_ERROR"); if (getVersionFromRequest(req).greaterThanOrEqualTo(SemVer.v4_1)) { - result.addProperty("currentNumberOfAttempts", e.currentAttempts); - result.addProperty("maxNumberOfAttempts", e.maxAttempts); + result.addProperty("currentNumberOfFailedAttempts", e.currentAttempts); + result.addProperty("maxNumberOfFailedAttempts", e.maxAttempts); } super.sendJsonResponse(200, result, resp); } catch (LimitReachedException e) { result.addProperty("status", "LIMIT_REACHED_ERROR"); result.addProperty("retryAfterMs", e.retryAfterMs); if (getVersionFromRequest(req).greaterThanOrEqualTo(SemVer.v4_1)) { - result.addProperty("currentNumberOfAttempts", e.currentAttempts); - result.addProperty("maxNumberOfAttempts", e.maxAttempts); + result.addProperty("currentNumberOfFailedAttempts", e.currentAttempts); + result.addProperty("maxNumberOfFailedAttempts", e.maxAttempts); } super.sendJsonResponse(200, result, resp); } catch (StorageQueryException | StorageTransactionLogicException | TenantOrAppNotFoundException e) { diff --git a/src/test/java/io/supertokens/test/totp/api/VerifyTotpDeviceAPITest.java b/src/test/java/io/supertokens/test/totp/api/VerifyTotpDeviceAPITest.java index 82c18b883..8a55255c9 100644 --- a/src/test/java/io/supertokens/test/totp/api/VerifyTotpDeviceAPITest.java +++ b/src/test/java/io/supertokens/test/totp/api/VerifyTotpDeviceAPITest.java @@ -162,7 +162,10 @@ public void testApi() throws Exception { null, Utils.getCdiVersionStringLatestForTests(), "totp"); + assertEquals(3, res0.entrySet().size()); assert res0.get("status").getAsString().equals("INVALID_TOTP_ERROR"); + assertEquals(1, res0.get("currentNumberOfFailedAttempts").getAsInt()); + assertEquals(1, res0.get("maxNumberOfFailedAttempts").getAsInt()); // Check that rate limiting is triggered for the user: JsonObject res3 = HttpRequestForTesting.sendJsonPOSTRequest(