Allow wider window for totp verification (#5811)

As server time and client time may not necessarily match
This commit is contained in:
DW 2020-02-01 21:50:15 -05:00 committed by GitHub
parent 5b63c23ae1
commit 391500bdac
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -89,7 +89,8 @@ export default async (ctx: Koa.Context) => {
const verified = (speakeasy as any).totp.verify({ const verified = (speakeasy as any).totp.verify({
secret: profile.twoFactorSecret, secret: profile.twoFactorSecret,
encoding: 'base32', encoding: 'base32',
token: token token: token,
window: 2
}); });
if (verified) { if (verified) {