Only allow up to 30 seconds of overlap on comparing the 2FA tokens.

DaneEveritt · DaneEveritt · commit a93adce303fa · 2017-02-01T23:02:54.000-05:00
diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
@@ -157,7 +157,7 @@ public function totpCheckpoint(Request $request)
         }
 
 
-        if (! is_null($request->input('2fa_token')) && $G2FA->verifyKey($user->totp_secret, $request->input('2fa_token'))) {
+        if (! is_null($request->input('2fa_token')) && $G2FA->verifyKey($user->totp_secret, $request->input('2fa_token'), 1)) {
             Auth::login($user, $request->has('remember'));
 
             return redirect()->intended($this->redirectPath());

Original file line number	Diff line number	Diff line change
`@@ -157,7 +157,7 @@ public function totpCheckpoint(Request $request)`
`157`	`157`	`}`
`158`	`158`
`159`	`159`
`160`		`- if (! is_null($request->input('2fa_token')) && $G2FA->verifyKey($user->totp_secret, $request->input('2fa_token'))) {`
	`160`	`+ if (! is_null($request->input('2fa_token')) && $G2FA->verifyKey($user->totp_secret, $request->input('2fa_token'), 1)) {`
`161`	`161`	`Auth::login($user, $request->has('remember'));`
`162`	`162`
`163`	`163`	`return redirect()->intended($this->redirectPath());`