"Preventing reuse of Time based OTP's" not working

[aditya-kreditz]

I have applied this gem to my "User' Model like this:

class User < ApplicationRecord
  has_one_time_password interval: 600, after_column_name: :last_otp_at
end

Here I have set interval of 10 minutes for otp. I want to make it invalid once authenticated. But even after authenticating once, It can be authnticated again.

User.last.otp_code => "985983"
User.last.authenticate_otp("985983") => true
User.last.authenticate_otp("985983") => true

Also there is no update in last_otp_at column.
User.last.last_otp_at => nil

Am I missing something? What else I need to do?

[aditya-kreditz]

Sorry. There was a mistake at my end. Gem version was 2.3.1. Now upgraded to 2.3.2 and getting last_otp_at time. Now It authenticates once. But it doesn't generate new otp before time interval.