LogInController doesn't handle validation exceptions properly #3850

Open
dsevillamartin opened this issue Jul 1, 2023 · 0 comments
@dsevillamartin
Member

Current Behavior

Logging in is the only auth route that doesn't use the API.

  • Signing up is /register, which uses /api/users in the background
  • Forgot password is /api/forgot

By default, the LogInValidator doesn't have any rules. This is on purpose, so that it can be extended. However, if you have failing rules there, the ValidationExceptionHandler won't return JSON since this is not an API route. Instead, it'll return a 422 with the exception stack trace (in debug mode):

POST /login

Illuminate\Validation\ValidationException: The given data was invalid. in file ./vendor/flarum/core/src/Foundation/AbstractValidator.php on line 64
Stack trace:
  1. Illuminate\Validation\ValidationException->() ./vendor/flarum/core/src/Foundation/AbstractValidator.php:64
  2. Flarum\Foundation\AbstractValidator->assertValid() .vendor/flarum/core/src/Forum/Controller/LogInController.php:83

Steps to Reproduce

  1. Add a rule to LogInValidator (e.g. enable login recaptcha with fof/recaptcha)
  2. Fail the validation rules (e.g. make a request to /login without g-recaptcha-response)
  3. View 422 with no JSON response

Expected Behavior

The route should return JSON on a validation exception.

Screenshots

reCAPTCHA failure:

image
image

Authentication failure:

image

Environment

  • Flarum version: 1.8.1
  • Webserver: nginx

Output of php flarum info

No response

Possible Solution

No response

Additional Context

See FriendsOfFlarum/recaptcha#39 and https://discuss.flarum.org/d/18399-friendsofflarum-recaptcha/173
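
The check below is an added example, not part of the original issue or of Flarum's code: it classifies a response to POST /login so a regression test or client can tell the reported non-JSON 422 (and a leaked stack trace) from the expected JSON error. The function name, the verdict strings, the sample Content-Type values and the JSON error shape (an "errors" array with "detail" strings) are assumptions.

```javascript
// Added example: classify a response to POST /login for a regression check.
// Assumption: a correct validation failure is a 422 whose JSON body carries an
// "errors" array with "detail" strings (JSON:API style).
const TRACE_MARKERS = [/Stack trace:/, /\.php(:\d+| on line \d+)/];

function classifyLoginResponse({ status, contentType, body }) {
  const text = String(body ?? "");
  const isJson = /^application\/(vnd\.api\+)?json\b/i.test(contentType || "");
  // Flag trace text in any response, since debug output can leak file paths.
  const leaksStackTrace = TRACE_MARKERS.some((re) => re.test(text));
  const result = (verdict, errors = []) => ({ verdict, leaksStackTrace, errors });

  if (status !== 422) return result("not-a-validation-failure");
  if (!isJson) return result("non-json-422");

  let parsed;
  try {
    parsed = JSON.parse(text);
  } catch {
    return result("malformed-json-422");
  }
  const errors = Array.isArray(parsed?.errors)
    ? parsed.errors.map((e) => String(e?.detail ?? ""))
    : [];
  return result(errors.length ? "json-validation-error" : "json-without-errors", errors);
}

// Constructed sample of the reported behaviour. The body reuses the first lines
// of the trace quoted in the issue; the Content-Type value is an assumption.
const OBSERVED_SAMPLE = {
  status: 422,
  contentType: "text/html; charset=UTF-8",
  body:
    "Illuminate\\Validation\\ValidationException: The given data was invalid. " +
    "in file ./vendor/flarum/core/src/Foundation/AbstractValidator.php on line 64\n" +
    "Stack trace:\n",
};

// Constructed sample of the expected behaviour (field values are illustrative).
const EXPECTED_SAMPLE = {
  status: 422,
  contentType: "application/vnd.api+json",
  body: JSON.stringify({
    errors: [{ status: "422", code: "validation_error", detail: "The g-recaptcha-response field is required." }],
  }),
};

console.log(classifyLoginResponse(OBSERVED_SAMPLE).verdict);
console.log(classifyLoginResponse(EXPECTED_SAMPLE).verdict);
```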
