Stuck on an issue?

Lightrun Answers was designed to reduce the constant googling that comes with debugging 3rd party libraries. It collects links to all the places you might be looking at while hunting down a tough bug.

And, if you’re still stuck at the end, we’re happy to hop on a call to see how we can help out.

Bad practice with generate_one_time_code

See original GitHub issue

Not so long ago, I came across the fact that with two-factor authentication comes empty response (#53). It turned out that if you authorize the client several times without restarting application, the same one-time code will be generated. It’s a bad idea to pass a variable like time.time() to the default value:

def generate_one_time_code(shared_secret: str, timestamp: int = int(time.time())) -> str:
    # generating one-time code

Probably, it should look like this:

def generate_one_time_code(shared_secret: str, timestamp: int = 0) -> str:
    if not timestamp:
        timestamp = int(time.time())
    # generating one-time code

Issue Analytics

State:
Created 6 years ago
Reactions:1
Comments:6 (5 by maintainers)

Top GitHub Comments

1reaction

buksoncommented, Jul 10, 2017

Already on master, much much thanks!

1reaction

timwoockercommented, Jul 10, 2017

You saved my life! I’m currently creating a service with multiple steam bots. A bot is getting logged in as soon as a user requests it but since the app could already be running for some minutes or hours, the login fails with the error “Invalid Credentials”. I think this bug is also caused by the generate_one_time_code method.