jjkiers/cloudron-box
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

totp: set window to 2

Browse Source 
see https://github.com/speakeasyjs/speakeasy#specifying-a-window-for-verifying-hotp-and-totp

A TOTP is incremented every step time-step seconds. By default, the time-step is
30 seconds. Window of 2 means, +- 2 steps.

Fixes #633
This commit is contained in:
Girish Ramakrishnan
2019-07-23 14:42:03 -07:00
parent 3553fbc7b6
commit 9a0d5b918f
4 changed files with 4 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files
src/routes/developer.js
+1 -1
View File
@@ -20,7 +20,7 @@ function login(req, res, next) {
if (!user.ghost && user.twoFactorAuthenticationEnabled) {
if (!req.body.totpToken) return next(new HttpError(401, 'A totpToken must be provided'));
let verified = speakeasy.totp.verify({ secret: user.twoFactorAuthenticationSecret, encoding: 'base32', token: req.body.totpToken });
let verified = speakeasy.totp.verify({ secret: user.twoFactorAuthenticationSecret, encoding: 'base32', token: req.body.totpToken, window: 2 });
if (!verified) return next(new HttpError(401, 'Invalid totpToken'));
}