From 95cbbc6613273ec17402755298cb60c1b004e34d Mon Sep 17 00:00:00 2001
From: adjoly <contact@adjoly.fr>
Date: Thu, 16 Oct 2025 12:33:49 +0200
Subject: [PATCH] =?UTF-8?q?=E3=80=8C=F0=9F=93=9D=E3=80=8D=20doc(auth):=20a?=
 =?UTF-8?q?dded=20doc=20for=202fa=20in=20login?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 doc/auth/login.md     | 11 +++++++++--
 src/api/auth/login.js |  4 ++--
 2 files changed, 11 insertions(+), 4 deletions(-)

diff --git a/doc/auth/login.md b/doc/auth/login.md
index 76945d3..eff517d 100644
--- a/doc/auth/login.md
+++ b/doc/auth/login.md
@@ -21,7 +21,8 @@ Input needed :
 ```json
 {
     "user": "<string>",
-    "password": "<string>"
+    "password": "<string>",
+    (optional)"token": "<2fa token>"
 }
 ```
 
@@ -32,7 +33,13 @@ Can return:
     "msg": "Login successfully"
 }
 ```
-- 400 with response
+- 402 with response
+```json
+{
+    "msg": "Please specify a 2fa token"
+}
+```
+- 400 || 401 with response
 ```json
 {
     "error": "<corresponding error>"
diff --git a/src/api/auth/login.js b/src/api/auth/login.js
index 2580383..83d9a76 100644
--- a/src/api/auth/login.js
+++ b/src/api/auth/login.js
@@ -37,8 +37,8 @@ export async function login(request, reply, fastify) {
 
 		const userTOTP = authDB.getUser(user);
 		if (userTOTP.totpEnabled == 1) {
-			if (!request.body.token){
-				return reply.code(401).send({ error: 'Invalid 2FA token' });
+			if (!request.body.token) {
+				return reply.code(402).send({ error: 'Please specify a 2fa token' });
 			}
 			const isValid = verifyTOTP(userTOTP.totpHash, request.body.token);
 			if (!isValid) {