heartcombo · wwenrr · Apr 1, 2026 · Apr 1, 2026
diff --git a/lib/devise/failure_app.rb b/lib/devise/failure_app.rb
@@ -114,7 +114,7 @@ def i18n_message(default = nil)
         human_keys = (auth_keys.respond_to?(:keys) ? auth_keys.keys : auth_keys).map { |key|
           # TODO: Remove the fallback and just use `downcase_first` once we drop support for Rails 7.0.
           human_key = scope_class.human_attribute_name(key)
-          human_key.respond_to?(:downcase_first) ? human_key.downcase_first : human_key[0].downcase + human_key[1..]
+          human_key.include?(" ") ? human_key.downcase : (human_key.respond_to?(:downcase_first) ? human_key.downcase_first : human_key[0].downcase + human_key[1..])
         }
         options[:authentication_keys] = human_keys.join(I18n.t(:"support.array.words_connector"))
         options = i18n_options(options)

diff --git a/test/failure_app_test.rb b/test/failure_app_test.rb
@@ -200,6 +200,15 @@ def call_failure(env_params = {})
       assert_equal 'Invalid email or password.', @request.flash[:alert]
     end
 
+    test 'preserves translation capitalization after auth key replacement' do
+      store_translations :en,
+        activerecord: { attributes: { user: { email: 'Email Address' } } },
+        mongoid: { attributes: { user: { email: 'Email Address' } } } do
+        call_failure('warden' => OpenStruct.new(message: :invalid))
+        assert_equal 'Invalid email address or password.', @request.flash[:alert]
+      end
+    end
+
     test 'humanizes the flash message' do
       call_failure('warden' => OpenStruct.new(message: :invalid))
       assert_equal @request.flash[:alert], @request.flash[:alert].humanize