Projekte/web-base
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

v2.4.6: TOTP allow multiple codes, composer update, PHPStan

Browse Source
This commit is contained in:
Roman
2026-01-28 14:09:10 +01:00
parent 4bcfc3ad9f
commit e82e6ee6a7
5 changed files with 326 additions and 291 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
Core/Objects/TwoFactor/TimeBasedTwoFactorToken.class.php
View File

@@ -58,8 +58,19 @@ class TimeBasedTwoFactorToken extends TwoFactorToken {
return substr(str_pad(strval($code), $length, "0", STR_PAD_LEFT), -1 * $length);
}
public function verify(string $code): bool {
return $this->generate() === $code;
public function verify(string $code, int $numCodes = 2): bool {
$now = time();
$length = 6;
$period = 30;
// verify the last $numCodes codes
for ($i = 0; $i < max(1, $numCodes); $i++) {
if ($this->generate($now - $period * i, $length, $period) === $code) {
return true;
}
}
return false;
}
public function getData(): string {