| Q | A | -------------------- | ----- | Bug report? | yes | Feature request? | no | BC Break report? | no | RFC? / Specification | no | Library version | 9.1
$otp = \OTPHP\TOTP::create(
$encoded, // Let the secret be defined by the class
60, // The period (60 seconds)
'sha1', // The digest algorithm
10 // The output will generate 10 digits
);
$result=$otp->verify($code,time());
I have faced a problem that the period an otp works is usually no more than 20 seconds when I actually set the period to 60.
I have checked the system timestamp, the time when an otp is generated and the time when the otp is verified has just a bit more than 20 seconds.
When generating the otp, I created an TOTP instance at that time. The user send thru the otp to another route after waiting around 20 seconds, this verify route has another function so I have another TOTP instance created after 20 seconds. Now, it doesn't verify the otp.
I have also checked the source code but just can't figure out what is going wrong.
该提问来源于开源项目:Spomky-Labs/otphp
