Give a little more leeway in TOTP verification

e107inc · Feb 20, 2021 · 65f3a0a · 65f3a0a
1 parent 200b1f1
commit 65f3a0a
Showing 1 changed file with 3 additions and 3 deletions.
diff --git a/twofactorauth_class.php b/twofactorauth_class.php
@@ -149,7 +149,7 @@ private function verifyTotp($user_id = USERID, $totp)
  }
 
  // Check if the entered TOTP is correct. 
- if($tfa_library->verifyCode($secret_key, $totp) === true) 
+ if($tfa_library->verifyCode($secret_key, $totp, 2) === true) 
  {
  // TOTP is correct. 
  if($this->tfa_debug)
@@ -228,7 +228,7 @@ public function processEnable($user_id = USERID, $secret_key, $totp)
  $tfa_library = new TwoFactorAuth();
 
  // Verify code
- if($tfa_library->verifyCode($secret_key, $totp) === false) 
+ if($tfa_library->verifyCode($secret_key, $totp, 2) === false) 
  {
  if($this->tfa_debug)
  {
@@ -277,7 +277,7 @@ public function processDisable($user_id = USERID, $totp)
  $secret_key = e107::getUserExt()->get($user_id, "user_plugin_twofactorauth_secret_key");
 
  // Verify code
- if($tfa_library->verifyCode($secret_key, $totp) === false) 
+ if($tfa_library->verifyCode($secret_key, $totp, 2) === false) 
  {
  e107::getMessage()->addError(LAN_2FA_INCORRECT_TOTP);
  return false;