Fix #126 - Save updated HOTP counter after an OTP generation

2025-02-22 21:30:56 +01:00 · 2022-09-14 16:37:58 +02:00 · 2022-09-14 16:37:58 +02:00 · b5c6f8f406
commit b5c6f8f406
parent b44c6958e3
2 changed files with 7 additions and 0 deletions
--- a/app/Models/TwoFAccount.php
+++ b/app/Models/TwoFAccount.php
@ -321,6 +321,11 @@ public function getOTP()
                $counter = $this->generator->getParameter('counter');
                $OtpDto->password   = $this->generator->at($counter);
                $OtpDto->counter    = $this->counter = $counter + 1;
+
+                // The updated HOTP counter must be saved to db for persisted account only
+                if ($this->id) {
+                    $this->save();
+                }
            }
            else {

--- a/resources/js/components/OtpDisplayer.vue
+++ b/resources/js/components/OtpDisplayer.vue
@ -255,6 +255,8 @@
            getHOTP: async function() {

                let otp = await this.getOtp()
+                this.internal_password = otp.password
+                this.internal_counter = otp.counter

                // returned counter & uri are incremented
                this.$emit('increment-hotp', { nextHotpCounter: otp.counter, nextUri: otp.uri })