-
Notifications
You must be signed in to change notification settings - Fork 96
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
ROTP and Rodauth #432
Comments
Rodauth uses TOTP: https://github.com/mdp/rotp/blob/main/lib/rotp/totp.rb#L39 |
@jeremyevans thanks for the help. That helped narrow it down. However, in version 1.11.0 of rodauth-rails The code here: Shows a match for the otp vs the generated_otp based on the timecode. However, when I upgrade to version 1.14.1 of rodauth-rails all of them come back as false for a match and throw a "Invalid Authentication Token" error. I think I am straying off topic a bit for Rodauth here, if it is better I open an issue/reference this one in rodauth-rails I can do that. |
Best practice if you are using rodauth-rails is to always open a discussion in the rodauth-rails repository. If @janko determines the issue is actually in Rodauth, he'll raise the issue here. |
@jeremyevans thanks, that's what I will do. Appreciate your help/guidance. |
We are using the ROTP gem with Rodauth rails (however the issue may be coming from Rodauth...see below) and after upgrading to the latest version of Rodauth Rails, we are having an issue with verifying the one time password. The line here:
https://github.com/mdp/rotp/blob/main/lib/rotp/otp.rb#L53
ROTP is looking for two params. From Rodauth, it seems to only be passing one of the two params to ROTP:
rodauth/lib/rodauth/features/otp.rb
Line 271 in 0c8dc7a
I am not sure if it is an issue with ROTP or Rodauth or if I am not understanding how this is working. Any help would be appreciated. I also opened this issue on ROTP's repo.
The text was updated successfully, but these errors were encountered: