From 74aecdfd9d93b8e2df4719c4140209dd38bb4ae0 Mon Sep 17 00:00:00 2001
From: Jeff Wong <awole20@gmail.com>
Date: Tue, 15 May 2018 16:13:21 -0700
Subject: [PATCH] Feature: add a 30 seconds grace window for 2-factor token
 checks

---
 app/models/concerns/second_factor_manager.rb | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/app/models/concerns/second_factor_manager.rb b/app/models/concerns/second_factor_manager.rb
index 096fc003057..9dd00b61582 100644
--- a/app/models/concerns/second_factor_manager.rb
+++ b/app/models/concerns/second_factor_manager.rb
@@ -27,7 +27,7 @@ module SecondFactorManager
       last_used = self.user_second_factor.last_used.to_i
     end
 
-    authenticated = !token.blank? && totp.verify_with_drift_and_prior(token, 0, last_used)
+    authenticated = !token.blank? && totp.verify_with_drift_and_prior(token, 30, last_used)
     self.user_second_factor.update!(last_used: DateTime.now) if authenticated
     !!authenticated
   end