scheb / two-factor-bundle

[ABANDONED] Two-factor authentication for Symfony 2 & 3 applications 🔐. Please use the newer versions from https://github.com/scheb/2fa.
MIT License
385 stars 111 forks

Doesn't work in PROD works in DEV #298

Closed jimiero closed 4 years ago

jimiero commented 4 years ago

Bundle version: latest version
Symfony version: 4.4

Description

I managed to make it work just fine on localhost, but when I try to use it on PROD it always fails when I use:

$this->googleAuthenticator->checkCode($user, $code)

Additional Context

Any idea what may be the cause of the issue?

scheb commented 4 years ago

The principle of TOTP/Google Authenticator is that both devices generate a code based on time + secret. If one of those two components isn't in sync, they'll generate a different code. So:

The time window for each code is 30 seconds, so if the time difference between server/device is too large, codes will be out-of-sync and it will be hard or impossible to hit the right code. You could also increase the window setting to accept more codes around the current valid one:

# config/packages/scheb_two_factor.yaml
scheb_two_factor:
    google:
        window: 1  # How many codes before/after the current one would be accepted as valid

jimiero commented 4 years ago

Thanks @scheb, that was the issue: the server had a wrong, un-synced time and date. Solved that and now it works.

Best regards!
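
The clock-drift failure diagnosed in this thread, as an added example that is not part of the thread or the bundle's code: a plain RFC 6238 TOTP in Python with a check that follows the `window` comment quoted above, plus a diagnostic that reports which step offset would have matched. The function names, the sample secret (the RFC 6238 test key) and the timestamps are assumptions made for illustration.

```python
import base64, hashlib, hmac, struct

STEP = 30  # seconds each code is valid for, as stated in the thread

def totp(secret_b32, unix_time, digits=6):
    """RFC 6238 TOTP with HMAC-SHA1 (the Google Authenticator variant)."""
    key = base64.b32decode(secret_b32, casefold=True)
    counter = int(unix_time) // STEP            # both sides derive this from their clock
    mac = hmac.new(key, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F                     # dynamic truncation (RFC 4226)
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)

def check_code(secret_b32, code, server_time, window=0):
    """Accept code if it matches the server's step or any step within +/- window.
    Assumption: window semantics taken from the config comment, not the bundle source."""
    return any(
        hmac.compare_digest(totp(secret_b32, server_time + s * STEP), code)
        for s in range(-window, window + 1)
    )

def drift_in_steps(secret_b32, code, server_time, search=20):
    """Diagnostic: the nearest step offset at which code would have matched.
    Non-zero suggests clock drift; None suggests the secrets differ."""
    for s in sorted(range(-search, search + 1), key=abs):
        if hmac.compare_digest(totp(secret_b32, server_time + s * STEP), code):
            return s
    return None

# Constructed sample values, not taken from the thread.
SECRET = base64.b32encode(b"12345678901234567890").decode()  # RFC 6238 test key
DEVICE_TIME = 1_600_000_000      # phone clock, assumed correct
SERVER_TIME = DEVICE_TIME + 95   # server clock running 95 seconds fast

if __name__ == "__main__":
    code = totp(SECRET, DEVICE_TIME)
    print("accepted with window=1:", check_code(SECRET, code, SERVER_TIME, window=1))
    print("accepted with window=3:", check_code(SECRET, code, SERVER_TIME, window=3))
    print("matching step offset:", drift_in_steps(SECRET, code, SERVER_TIME))
```

A non-zero offset from `drift_in_steps` points at the server clock, which is better fixed with time synchronisation than by widening `window`, since every extra step enlarges the set of codes accepted at any moment.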