pucardotorg / dristi


UAT | OTP validation | User should not be able to log in after the time to verify the OTP is over. #1234

Open mustakim-egov opened 1 month ago

mustakim-egov commented 1 month ago

Describe the bug: User should not be able to log in after the time to verify the OTP is over. User is still able to log in after 1 minute, when the time is over.

To Reproduce Steps to reproduce the behaviour:

  1. Register user with mobile number
  2. Navigate to URL https://dristi-qa.pucar.org/digit-ui/citizen/dristi/home/login
  3. Enter the mobile number -9292991999
  4. Click on 'Sign In' button
  5. Wait for 1 minute, then enter the OTP
  6. Click on 'Verify' button

Expected behaviour: User should not be able to log in

Expected behaviour: User is able to log in


Taherabharmal commented 1 month ago

Please confirm the following: 1) On resend OTP, will the same OTP be sent or will a new OTP be generated?

The issue mentioned as a bug is invalid as long as a new OTP has not been issued.

mustakim-egov commented 1 month ago

> Please confirm the following:
>
>   1. On resend OTP, will the same OTP be sent or will a new OTP be generated?
>
> The issue mentioned as a bug is invalid as long as a new OTP has not been issued.

So it depends on the requirement whether this is a bug or not, but in most cases (applications) the resent OTP is a new OTP.

manimaarans commented 1 month ago

Hi @Taherabharmal, DIGIT allows us to generate as many OTPs as we want, but each OTP has a 15 mins expiry (which is configurable), and the user can validate with any of the already generated OTPs as long as it has not already been used and has not expired.
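
The validation rule described in the last comment, modelled as an added example (not part of the thread and not DIGIT's own code), to show why the report's login succeeds after the 1-minute on-screen timer. The `OtpStore` class, its in-memory storage and the constructed mobile number are assumptions made for illustration.

```python
import hmac
import secrets

OTP_TTL_SECONDS = 15 * 60  # server-side expiry from the comment above (configurable)
UI_TIMER_SECONDS = 60      # the 1-minute countdown the report refers to


class OtpStore:
    """Hypothetical in-memory model of the described behaviour."""

    def __init__(self, ttl=OTP_TTL_SECONDS):
        self.ttl = ttl
        self._issued = {}  # mobile -> list of [otp, issued_at, used]

    def generate(self, mobile, now):
        # Each request, including a resend, issues a new OTP; earlier ones stay valid.
        entries = self._issued.setdefault(mobile, [])
        seen = {e[0] for e in entries}
        otp = f"{secrets.randbelow(10**6):06d}"
        while otp in seen:  # keep codes distinct so the model is deterministic
            otp = f"{secrets.randbelow(10**6):06d}"
        entries.append([otp, now, False])
        return otp

    def validate(self, mobile, otp, now):
        # Accept any OTP issued to this number that is unused and inside the TTL.
        for entry in self._issued.get(mobile, []):
            value, issued_at, used = entry
            if used or now - issued_at >= self.ttl:
                continue
            if hmac.compare_digest(value, otp):
                entry[2] = True  # single use
                return True
        return False


def replay_issue_scenario():
    """Constructed timeline for the reported steps (times in seconds)."""
    mobile = "0000000000"  # constructed placeholder, not the number in the report
    store = OtpStore()
    first = store.generate(mobile, now=0)
    resent = store.generate(mobile, now=30)  # user requests a resend
    results = {
        "after_ui_timer": store.validate(mobile, first, now=UI_TIMER_SECONDS + 10),
        "reuse_same_otp": store.validate(mobile, first, now=UI_TIMER_SECONDS + 20),
        "resent_otp": store.validate(mobile, resent, now=100),
    }
    late = store.generate(mobile, now=200)
    results["after_server_ttl"] = store.validate(mobile, late, now=200 + OTP_TTL_SECONDS)
    return results
```

In this model the on-screen countdown has no effect on validation; only the server-side TTL and the used flag decide the outcome.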