Skip to content

Commit

Permalink
Increase the tolerance when checking OTP codes.
Browse files Browse the repository at this point in the history 
This makes two factor authentication work more reliably for DUO.
  • Loading branch information
@drgrice1
drgrice1 committed Mar 16, 2024
1 parent 5d9ea65 commit a878478
Showing 1 changed file with 6 additions and 2 deletions.
8 changes: 6 additions & 2 deletions lib/WeBWorK/Authen.pm
View file
Original file line number Diff line number Diff line change
Expand Up @@ -483,8 +483,12 @@ sub verify_normal_user {
my $otp_code = trim($c->param('otp_code'));
if (defined $otp_code && $otp_code ne '') {
my $password = $c->db->getPassword($user_id);
if (WeBWorK::Utils::TOTP->new(secret => $self->session->{otp_secret} // $password->otp_secret)
->validate_otp($otp_code))
if (
WeBWorK::Utils::TOTP->new(
secret => $self->session->{otp_secret} // $password->otp_secret,
tolerance => 1
)->validate_otp($otp_code)
)
{
delete $self->session->{two_factor_verification_needed};

Expand Down

0 comments on commit a878478

Please sign in to comment.