flashii/misuzu
flashii/misuzu
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Allow login with previous 2FA code as well, closes #163.

Browse source
This commit is contained in:
flash 2019-03-18 13:17:46 +01:00
parent e1bb58027c
commit 68db9ce243
1 changed files with 3 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
public/auth/twofactor.php
View file

@ -42,9 +42,11 @@ while (!empty($twofactor->value('array'))) {
break; break;
} }
$givenCode = $twofactor->code->value('string', '');
$currentCode = totp_generate($tokenInfo['user_totp_key']); $currentCode = totp_generate($tokenInfo['user_totp_key']);
$previousCode = totp_generate($tokenInfo['user_totp_key'], time() - 30);
if ($currentCode !== $twofactor->code->value('string', '')) { if ($currentCode !== $givenCode && $previousCode !== $givenCode) {
$notices[] = sprintf( $notices[] = sprintf(
"Invalid two factor code, %d attempt%s remaining", "Invalid two factor code, %d attempt%s remaining",
$remainingAttempts - 1, $remainingAttempts - 1,