Add drift period
This commit is contained in:
parent
ee4b7e2cb1
commit
d20f527d8c
|
@ -18,7 +18,7 @@ class User::SessionsController < Devise::SessionsController
|
|||
warden.lock!
|
||||
render 'auth/two_factor_authentication'
|
||||
else
|
||||
if resource.authenticate_otp(params[:user][:otp_attempt])
|
||||
if resource.authenticate_otp(params[:user][:otp_attempt], drift: APP_CONFIG.fetch(:otp_drift_period, 30).to_i)
|
||||
continue_sign_in(resource, resource_name)
|
||||
else
|
||||
sign_out(resource)
|
||||
|
|
|
@ -189,7 +189,7 @@ class UserController < ApplicationController
|
|||
req_params = params.require(:user).permit(:otp_validation)
|
||||
current_user.otp_module = :enabled
|
||||
|
||||
if current_user.authenticate_otp(req_params[:otp_validation])
|
||||
if current_user.authenticate_otp(req_params[:otp_validation], drift: APP_CONFIG.fetch(:otp_drift_period, 30).to_i)
|
||||
flash[:success] = t('views.auth.2fa.setup.success')
|
||||
current_user.save!
|
||||
else
|
||||
|
|
|
@ -68,3 +68,6 @@ hcaptcha:
|
|||
enabled: false
|
||||
site_key: ''
|
||||
secret_key: ''
|
||||
|
||||
# TOTP Drift period in seconds
|
||||
otp_drift_period: 30
|
||||
|
|
Loading…
Reference in New Issue