valid_window checks equal # of windows before/after

[psivesely]

The docstring for the valid_window parameter of TOTP.verify() currently reads:

@param [Integer] valid_window extends the validity to this many counter
    ticks before and after the current one

It is sensible one would want to include future windows to account for the case where a client and server clock are slightly out of sync. The old code would extend the validity to one less than valid_window ticks because of the upper-bound exclusivity property of range ([lower, upper)). This fixes that and brings it in line with the docstring spec.

[kislyuk]

Sounds good, thanks. Could you please also update the test so it passes?

[psivesely]

Wow, I can't math. The code was already correct.