Open fabiokounang opened 2 years ago
In the verifyCode(secret,code,discrepancy,currentTimeSlice)
method, set discrepancy = 0
In the
verifyCode(secret,code,discrepancy,currentTimeSlice)
method, setdiscrepancy = 0
i already set discrepancy to 0, but when i tried the old 2fa, it can still be used until the code 2 time left is 10s. Should i set the currentTimeSlice too ? although i dont really understand what that is. Thank you for your response ! :D
currentTimeSlice
is the number of 30 second time slices that have elapsed since the start of unixtime.
If you do not specify it in the parameters, then it will be calculated according to the current server time.
As far as I know, such an interval can be chosen even smaller, but this library does not provide such an opportunity.
Because of latency, both network and human, and unsynchronised clocks, the one-time password must validate over a range of times between client and server
In the
verifyCode(secret,code,discrepancy,currentTimeSlice)
method, setdiscrepancy = 0
i already set discrepancy to 0, but when i tried the old 2fa, it can still be used until the code 2 time left is 10s. Should i set the currentTimeSlice too ? although i dont really understand what that is. Thank you for your response ! :D
This may just caused by time discrepancy between your server and client, you can check it by testing if there are two codes valid at the same time when you set discrepancy
to 0. There should be only one code available in this situation. When you set discrepancy
to 1, there will be 3 codes valid for a timeslice, which in range offset from -discrepancy
to +discrepancy
by currentTimeSlice
.
Hello, i need help, my scenario is like this
And keep in mind a code expired is 30s
So here it is
so the point is i just want the current active code to be verified as true. Thank you, i really need your help !