TwoFactorAuth: VerifyCode returns false / ensureCorrectTime issue
Hello, I was trying to implement your library into my project. The QR Code as well as the Code are being generated properly but I can’t verify the Code.
After looking at the code I thought about, that the Time could be an issue. After trying the code
try { $tfa->ensureCorrectTime(); echo 'Your hosts time seems to be correct / within margin'; } catch (RobThree\Auth\TwoFactorAuthException $ex) { echo '<b>Warning:</b> Your hosts time seems to be off: ' . $ex->getMessage(); }
I get the following error Uncaught Exception: Connection refused extern/lib/Providers/Time/NTPTimeProvider.php Zeile 40 Backtrace #0 extern/lib/TwoFactorAuth.php(157): RobThree\Auth\Providers\Time\NTPTimeProvider->getTime() #1 extern/2fa.php(39): RobThree\Auth\TwoFactorAuth->ensureCorrectTime() #2 {main}
NTPTimeProvider.php
/* Receive response and close socket */ if (socket_recv($sock, $recv, 48, MSG_WAITALL) === false) throw new \Exception(socket_strerror(socket_last_error($sock))); socket_close($sock);
So it’s probably an Time issue I can’t verify.
Also do I set the discrepancy in the TwoFactorAuth.php
like this public function verifyCode($secret, $code, $discrepancy = 4, $time = null, &$timeslice = 0)
or in my file with
$Ergebnis= $tfa->verifyCode($secret, $_POST['verification'], $discrepancy);
Many regards Lukas
About this issue
- Original URL
- State: closed
- Created 4 years ago
- Comments: 18 (8 by maintainers)
I called ?verify=1. That generated a new secret so it was always false. Figured it out by creating a new page where I checked the two belonging POST Variables.
Then can’t you try and figure out what the difference between the two is and narrow it down?
This is the relevant code from the demo. There must be some difference in the code you’re using. Also try adding
error_reporting(E_ALL); ini_set("display_errors", 1);as very first line if you don’t have it already.