cypress-otp icon indicating copy to clipboard operation
cypress-otp copied to clipboard

Published 20 hours ago verified publisher icon NoriSte

Wait for the minimum threshold before generating the OTP

Open Schengatto opened this issue 1 year ago • 1 comments

Description

First of all, let me thank you for making this plugin available. I have encountered some inconsistent testing issues using this library caused by the usage of an expired token. With the current implementation of the plugin, there is the possibility to generate a token even when the remaining time is less than 2 seconds, causing the risk of having an expired OTP once it is submitted.

Suggestion

You can consider adding a check of the remaining time and if this is less than 1 or 2 seconds wait for the time to expire and thus ensure the generation of a token that will be 100% valid.


function waitSec(sec) {
    return new Promise(resolve => setTimeout(resolve, sec * 1000));
}

module.exports = async (otpSecret, minThreshold=2) => {
  if (otpSecret) {
      previousSecret = otpSecret;
  }
  const secret = previousSecret;

  const timeRemaining = otplib.authenticator.timeRemaining();
  if (timeRemaining < minThreshold) {
      await waitSec(timeRemaining + 1);
  }

  if (!secret) {
      throw new Error("No secret has been provided.");
  }
  return otplib.authenticator.generate(secret);
};

Schengatto avatar Jan 10 '24 21:01 Schengatto

First of all, let me thank you for making this plugin available.

Thanks for the kind words ❤️

You can consider adding a check of the remaining time and if this is less than 1 or 2 seconds wait for the time to expire and thus ensure the generation of a token that will be 100% valid.

It makes sense to me. Could you open a PR and add the needed tests? By controlling the system clock, the tests should be manageable.

NoriSte avatar Jan 11 '24 09:01 NoriSte