From b762ea37d2e19139490aeab5ee553fb3c9447c74 Mon Sep 17 00:00:00 2001
From: David Bomba <turbo124@gmail.com>
Date: Wed, 17 Mar 2021 00:40:58 +1100
Subject: [PATCH] Throw 400's on incorrect 2FA data

---
 app/Http/Controllers/TwoFactorController.php | 4 ++--
 app/Models/Gateway.php                       | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/app/Http/Controllers/TwoFactorController.php b/app/Http/Controllers/TwoFactorController.php
index 4efe18b8d120..c1f6a8f5c1e9 100644
--- a/app/Http/Controllers/TwoFactorController.php
+++ b/app/Http/Controllers/TwoFactorController.php
@@ -62,11 +62,11 @@ class TwoFactorController extends BaseController
 
         } elseif (! $secret || ! $google2fa->verifyKey($secret, $oneTimePassword)) {
 
-            return response()->json(['message' => ctrans('texts.invalid_one_time_password')]);
+            return response()->json(['message' => ctrans('texts.invalid_one_time_password')], 400);
 
         } 
             
-        return response()->json(['message' => 'No phone record or user is not confirmed']);
+        return response()->json(['message' => 'No phone record or user is not confirmed'], 400);
         
     }
     
diff --git a/app/Models/Gateway.php b/app/Models/Gateway.php
index 5415440cd735..5d470680aab5 100644
--- a/app/Models/Gateway.php
+++ b/app/Models/Gateway.php
@@ -74,7 +74,7 @@ class Gateway extends StaticModel
      * Returns an array of methods and the gatewaytypes possible
      *
      * @return array
-     *///todo remove methods replace with gatewaytype:: and then nest refund / token billing
+     */
     public function getMethods()
     {
         switch ($this->id) {