With the current implementation when a user provides an invalid 2FA code, the user is been redirected to the login route. Instead, a more suitable approach would be to redirect the user back to the 2FA route for re-entering the code (same as the behavior on the forge website and many others).

Before opening a PR I wanted to know if it is something the laravel team would consider addressing at the moment, I know it was mentioned on a previous PR (#325 ) and this is why I am asking (@taylorotwell mentioned he might not have the time to vet the code at moment).

Regardless, thanks for the great work.

Resubmit this with a filled out issue template.