fix(two-factor): incorrect default OTP period & fix incorrect docs (#3231)

* docs(2fa): fix incorrect period * fix: default period is 3 minutes * Update packages/better-auth/src/plugins/two-factor/index.ts Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com> * chore: lint --------- Co-authored-by: cubic-dev-ai[bot] <191113872+cubic-dev-ai[bot]@users.noreply.github.com>
2025-12-10 12:27:44 +00:00 · 2025-07-02 01:54:26 +10:00
parent 4a5d798999
commit eea77a5020
2 changed files with 4 additions and 4 deletions
--- a/docs/content/docs/plugins/2fa.mdx
+++ b/docs/content/docs/plugins/2fa.mdx
@@ -393,7 +393,7 @@ these are options for TOTP.
        default: 6,
    },
    period: {
-        description: "The period for otp in seconds.",
+        description: "The period for totp in seconds.",
        type: "number",
        default: 30,
    },
@@ -411,9 +411,9 @@ these are options for OTP.
        type: "function",
    },
    period: {
-        description: "The period for otp in seconds.", 
+        description: "The period for otp in minutes.", 
        type: "number",
-        default: 30,
+        default: 3,
    },
  }}
  />
--- a/packages/better-auth/src/plugins/two-factor/index.ts
+++ b/packages/better-auth/src/plugins/two-factor/index.ts
@@ -296,7 +296,7 @@ export const twoFactor = (options?: TwoFactorOptions) => {
 						 */
 						deleteSessionCookie(ctx, true);
 						await ctx.context.internalAdapter.deleteSession(data.session.token);
-						const maxAge = options?.otpOptions?.period || 60 * 5; // 5 minutes
+						const maxAge = (options?.otpOptions?.period ?? 3) * 60; // 3 minutes
 						const twoFactorCookie = ctx.context.createAuthCookie(
 							TWO_FACTOR_COOKIE_NAME,
 							{