Allow wider window for totp verification (#5811)
As server time and client time may not necessarily match
This commit is contained in:
parent
5b63c23ae1
commit
391500bdac
@ -89,7 +89,8 @@ export default async (ctx: Koa.Context) => {
|
|||||||
const verified = (speakeasy as any).totp.verify({
|
const verified = (speakeasy as any).totp.verify({
|
||||||
secret: profile.twoFactorSecret,
|
secret: profile.twoFactorSecret,
|
||||||
encoding: 'base32',
|
encoding: 'base32',
|
||||||
token: token
|
token: token,
|
||||||
|
window: 2
|
||||||
});
|
});
|
||||||
|
|
||||||
if (verified) {
|
if (verified) {
|
||||||
|
Loading…
Reference in New Issue
Block a user