Totp code in server not match with auth app
Sajadh92 opened this issue · 1 comments
Sajadh92 commented
Hi, first, thanks a lot for this great work and amazing pkg.
I have trouble matching (syncing) the code between the API on the server and the auth app on the client side.
I tried using time correction and also computing from a specific time, but the result is the same.
My API time zone is Iraq, Baghdad (+3 GMT) and all my clients are in the same time zone.
Below is the custom class that I used:
```csharp
using Infrastructure.Static;
using Microsoft.AspNetCore.Identity;
using OtpNet;
using QRCoder;

namespace Infrastructure.OTP;

public static class Totp
{
    private static int _size = 6;
    private static int _step = 30;
    private static string _issuer = "Paradise";
    private static OtpHashMode _hashMode = OtpHashMode.Sha256;

    public static string SecretKey() => Base32Encoding.ToString(KeyGeneration.GenerateRandomKey(_hashMode));

    public static string GenCode(string key) => new OtpNet.Totp(Base32Encoding.ToBytes(key),
        _step, _hashMode, _size).ComputeTotp(DateTime.UtcNow.AddHours(+3));

    public static bool Verified(string key, string code) => new OtpNet.Totp(Base32Encoding.ToBytes(key),
        _step, _hashMode, _size).VerifyTotp(DateTime.UtcNow.AddHours(+3), code, out _, new(1, 1));

    public static string Uri(string key, string identity) => new OtpUri(OtpType.Totp,
        key, identity, _issuer, _hashMode, _size, _step).ToString();

    public static string QRCodeAsBase64(string key, string identity) => Convert.ToBase64String(new PngByteQRCode
        (new QRCodeGenerator().CreateQrCode(Uri(key, identity), QRCodeGenerator.ECCLevel.Q)).GetGraphic(20));
}
```
Sajadh92 commented
If anyone has the same issue: my mistake was not in the date time but in the hash mode. In TOTP, all auth apps are using Sha1, not Sha256 or Sha512, with key length 20, so just make sure you have not changed the hash mode (keep it on the default) and also keep the date time in the default UTC.
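The two mismatches discussed in this thread, a server hashing with SHA-256 and a server timestamp shifted three hours away from UTC, can be reproduced at the protocol level without any library. The Python sketch below is an added example, not code from the issue or from Otp.NET: it implements RFC 6238 with the standard library and assumes, as the closing comment reports, an authenticator app that computes with SHA-1 over true UTC. The key and timestamp are the RFC 6238 test values, and `totp`, `verify` and `diagnose` are names chosen here.

```python
import hmac
import struct


def totp(key: bytes, unix_time: int, algo: str = "sha1", digits: int = 6, step: int = 30) -> str:
    """RFC 6238 TOTP: HOTP (RFC 4226) over the counter floor(unix_time / step)."""
    counter = struct.pack(">Q", unix_time // step)
    mac = hmac.new(key, counter, algo).digest()
    offset = mac[-1] & 0x0F  # dynamic truncation: low nibble of the last byte
    value = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(value % 10 ** digits).zfill(digits)


def verify(key: bytes, code: str, unix_time: int, algo: str = "sha1",
           window: int = 1, step: int = 30) -> bool:
    """Accept a code from `window` steps before or after, like new(1, 1) in the issue."""
    return any(
        hmac.compare_digest(totp(key, unix_time + d * step, algo, step=step), code)
        for d in range(-window, window + 1)
    )


# Constructed sample input: the RFC 6238 Appendix B SHA-1 key and timestamp.
KEY = b"12345678901234567890"
NOW = 59


def diagnose(key: bytes = KEY, now: int = NOW) -> dict:
    # Assumption: the authenticator app uses SHA-1 and the real UTC time.
    app_code = totp(key, now, "sha1")
    return {
        "app_code": app_code,
        "server_sha1_utc": verify(key, app_code, now, "sha1"),
        "server_sha256_utc": verify(key, app_code, now, "sha256"),
        # A timestamp 3 hours ahead of UTC moves the counter far outside a +/-1 window.
        "server_sha1_plus3h": verify(key, app_code, now + 3 * 3600, "sha1"),
        "steps_off_by_3h": (3 * 3600) // 30,
    }


if __name__ == "__main__":
    for name, value in diagnose().items():
        print(f"{name}: {value}")
```

Only the SHA-1 server running on true UTC accepts the app's code; either deviation alone is enough to reject every code the app produces.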