diff options
| author | DW <36347199+chocological00@users.noreply.github.com> | 2020-02-01 21:50:15 -0500 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-02-02 11:50:15 +0900 |
| commit | 391500bdacab69afec9520f0503e1c97f87fd791 (patch) | |
| tree | 8e784eb605efe579a76067073a1618e60e198346 /src/server/api | |
| parent | Fix: emoji関連のリポジトリへのライセンス表記が必要 (#5809) (diff) | |
| download | sharkey-391500bdacab69afec9520f0503e1c97f87fd791.tar.gz sharkey-391500bdacab69afec9520f0503e1c97f87fd791.tar.bz2 sharkey-391500bdacab69afec9520f0503e1c97f87fd791.zip | |
Allow wider window for totp verification (#5811)
As server time and client time may not necessarily match
Diffstat (limited to 'src/server/api')
| -rw-r--r-- | src/server/api/private/signin.ts | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/server/api/private/signin.ts b/src/server/api/private/signin.ts index 43928a6b44..734758d63d 100644 --- a/src/server/api/private/signin.ts +++ b/src/server/api/private/signin.ts @@ -89,7 +89,8 @@ export default async (ctx: Koa.Context) => { const verified = (speakeasy as any).totp.verify({ secret: profile.twoFactorSecret, encoding: 'base32', - token: token + token: token, + window: 2 }); if (verified) { |