This is related to #988 and more items.
- Move session delete
$this->getRequest()->getSession()->delete(AuthenticationService::TWO_FACTOR_VERIFY_SESSION_KEY);
from LoginTrait::login to OneTimePasswordVerifyTrait
- On verification page instead of redirecting to login after invalid code submit we should ask the code again
This is related to #988 and more items.
$this->getRequest()->getSession()->delete(AuthenticationService::TWO_FACTOR_VERIFY_SESSION_KEY);from LoginTrait::login to OneTimePasswordVerifyTrait