Recovery flow is not redirecting user to settings page when 2FA is enabled

[mmeller-wikia]

Preflight checklist

• I could not find a solution in the existing issues, docs, nor discussions.
• I agree to follow this project's Code of Conduct.
• I have read and am following this repository's Contribution Guidelines.
• This issue affects my Ory Network project.
• I have joined the Ory Community Slack.
• I am signed up to the Ory Security Patch Newsletter.

Describe the bug

Recovery flow is inconsistent to password users and 2FA users.
Recovery flow is not redirecting user to settings page when 2FA is enabled

Reproducing the bug

1. Configure AuthenticatorAssuranceLevel to use HighestAvailableAAL
2. Add 2FA to your account
3. Logout
4. Request recovery link
5. Click recovery link -> you are redirected to 2-step login page
6. Complete login with 2FA
7. You are redirected to default return url configured in Kratos (expected: redirect to settings flow and recovery message is displayed - like with only password protected accounts)

Relevant log output

Not relevant

Relevant configuration

selfservice:
  flows:
    settings:
      required_aal: highest_available

Version

v0.10.1, current master

On which operating system are you observing this issue?

Not relevant

In which environment are you deploying?

Not relevant

Additional Context

It is not possible to create suitable workaround on frontend (at least recovery message is lost).

[mmeller-wikia]

WIP PR #2831