Usage of time in check function
Closed this issue · 4 comments
Hi,
may I ask what is what time should I use when calling check
function?
My first guess was to use current time SystemTime::now().duration_since(SystemTime::UNIX_EPOCH).unwrap().as_secs())
, unfortunately I can't seem to get a token verified.
Hi!
Thanks for reaching out. I think the issue is that you're passing the library a string key, and use the same string as a key to generate a token in your app/generator
Bear in mind that secret
can (should, in secure setting) be an array of non-ascii bytes
In the example, I use "supersecret" as a key
In you use the library to generate an URL with this key, the "secret" parameter will be "ON2XAZLSONSWG4TFOQ", which is base32 for "supersecret"
otpauth://totp/user@example.com?secret=ON2XAZLSONSWG4TFOQ&issuer=my-org.com&digits=6&algorithm=SHA1
You want to pass that value to your generator/phone app
You can try it by generating a QR code with the "qr" feature of the library, and then flashing it with your phone. Both your tokens will be the same
I started with this code to test the library out:
let totp = TOTP::new(
Algorithm::SHA512,
6,
4,
30,
"supersecret",
);
let url = totp.get_url("user@example.com", "my-org.com");
println!("url {}", url);
let stdin = io::stdin();
for line in stdin.lock().lines() {
let unwrapped_line = line.unwrap();
let timestamp = SystemTime::now()
.duration_since(SystemTime::UNIX_EPOCH).unwrap();
let res = totp.check(&unwrapped_line, timestamp.as_secs());
println!("It matches {}", res);
}
When I input what Authenticator tells me the code is, the res
is false
.
I used two different authenticator apps on two different devices, into one I passed otpauth://totp/user@example.com?secret=ON2XAZLSONSWG4TFOQ&issuer=my-org.com&digits=6&algorithm=SHA512
and into other just the secret
part. Both with same result.
I see you use SHA512, does your app support this algorythm?
SHA1 is the default one
Thank you. I didn't realize it doesn't.