I am implementing two factor authentication using passportjs module [passport-2fa-totp][1]http://www.passportjs.org/packages/passport-2fa-totp/
I am able to successfully register user and store its key.
I am not able to verify totp-code generated by google authenticator app I am using the following code as reference,
`passport.use(new TwoFAStartegy(function (username, password, done) {
// 1st step verification: username and password
User.findOne({ username: username }, function (err, user) {
if (err) { return done(err); }
if (!user) { return done(null, false); }
if (!user.verifyPassword(password)) { return done(null, false); }
return done(null, user);
});}, function (user, done) {
// 2nd step verification: TOTP code from Google Authenticator
if (!user.secret) {
done(new Error("Google Authenticator is not setup yet."));
} else {
// Google Authenticator uses 30 seconds key period
// https://github.com/google/google-authenticator/wiki/Key-Uri-Format
var secret = GoogleAuthenticator.decodeSecret(user.secret);
done(null, secret, 30);
}}));`
I am not able to understand the second step of verification. First of all I don't have access to code field here which needs to be validated and I am also not able to fetch any proper output. It is just returning me Invalid username or password which isn't the case.
Help me out!
