diff --git a/src/app/api/customer/AuthController.ts b/src/app/api/customer/AuthController.ts
index 4cbd2578..40b07421 100644
--- a/src/app/api/customer/AuthController.ts
+++ b/src/app/api/customer/AuthController.ts
@@ -48,26 +48,26 @@ export default class AuthController extends ApiController {
 	@Post("/api/v1/customer/auth/login")
 	protected async login(req: Request, response: Response) {
 		const email = req.body["email"];
-		const smsCode = req.body["smsCode"];
+		const totpCode = req.body["totpCode"];
 		const password = req.body["password"];
 
 		if (!email) {
-			this.httpBadRequest(response, "Email is required");
+			this.httpBadRequest(response, "email is required");
 			return;
 		}
 
-		if (!smsCode) {
-			this.httpBadRequest(response, "Sms code is required");
+		if (!totpCode) {
+			this.httpBadRequest(response, "totpCode is required");
 			return;
 		}
 
 		if (!password) {
-			this.httpBadRequest(response, "Password is required");
+			this.httpBadRequest(response, "password is required");
 			return;
 		}
 
 		try {
-			const customer = await this.customerService.login(email, smsCode, password);
+			const customer = await this.customerService.login(email, totpCode, password);
 			if (!customer) {
 				this.httpBadRequest(response, "Customer not found");
 				return;
@@ -97,7 +97,7 @@ export default class AuthController extends ApiController {
 	@Post("/api/v1/customer/auth/set-password")
 	protected async setPassword(req: Request, response: Response) {
 		const email = req.body["email"];
-		const smsCode = req.body["smsCode"];
+		const totpCode = req.body["totpCode"];
 		const password = req.body["password"];
 
 		if (!email) {
@@ -105,7 +105,7 @@ export default class AuthController extends ApiController {
 			return;
 		}
 
-		if (!smsCode) {
+		if (!totpCode) {
 			this.httpBadRequest(response, "Sms code is required");
 			return;
 		}
@@ -116,7 +116,7 @@ export default class AuthController extends ApiController {
 		}
 
 		try {
-			const customer = await this.customerService.setFirstPassword(email, smsCode, password);
+			const customer = await this.customerService.setFirstPassword(email, totpCode, password);
 			if (!customer) {
 				this.httpBadRequest(response, "Customer not found");
 				return;
@@ -164,7 +164,7 @@ export default class AuthController extends ApiController {
 				this.httpNotFoundRequest(response, "Customer not found");
 				return;
 			}
-			this.httpSuccess(response, { validCode: true });
+			this.httpSuccess(response, { validCode: true, firstConnection: customer.password === null });
 		} catch (error) {
 			if (error instanceof InvalidTotpCodeError || error instanceof TotpCodeExpiredError) {
 				this.httpUnauthorized(response, error.message);