f38ac2ecc8
verify_totp called ROTP without `after:`, so a captured 6-digit code stayed valid for the full ~90s drift window and could be replayed in a separate sign-in. Add a last_otp_at column, pass it as ROTP's `after:`, and persist the matched timestep on success so a code (or any earlier one) cannot be reused. Also fixes a latent bug surfaced by the new replay path: enable_totp! did `self.backup_codes = generate_backup_codes`, reassigning backup_codes to the plaintext return value (generate_backup_codes already stores the BCrypt hashes internally). That stored backup codes in plaintext and broke verification. enable_totp! is test-only today, but it is public and backup_codes is not encrypted, so this is a real footgun. Now it just calls generate_backup_codes. Rewrites the mislabeled "TOTP code cannot be reused" test to actually assert that replaying an accepted code is rejected. Co-Authored-By: Claude Fable 5 <noreply@anthropic.com>
8.2 KiB
8.2 KiB