Menu
I'm trying to set up two-factor authentication with Google Authenticator on my site. I'm able to generate working codes, but when I insert the image URL into the page, I get the following error in Chrome inspector:
GET https://www.google.com/chart?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/MyLabel?secret=THESECRET 400 (Bad Request)
The code to generate the QR code:
try
key = crypto.randomBytes(10).toString('hex')
catch error
console.log "error generating code: #{error}"
encoded = base32.encode(key)
label = encodeURIComponent "MyLabel"
uri = "otpauth://totp/#{label}?secret=#{encoded}"
url = "https://www.google.com/chart?chs=200x200&chld=M|0&cht=qr&chl=#{uri}"
Client-side jQuery that inserts the image:
img = $("<img>").attr("src", url)
$("#qr_box").html("")
$("#qr_box").append(img)
Which results in the following HTML on the page:
<img src="https://www.google.com/chart?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/MyLabel?secret=THESECRET">
The image can be opened in a new tab without a problem. The image is only successfully displayed in my page about 1/10 the time; the other times Chrome gives a 400. Am I missing something obvious here?
465
Codes generated by Google Authenticator disappear after 30 seconds and expire at 60 seconds. After a code expires, you can't use it to log in.
For me it worked to change https://www.google.com to https://chart.googleapis.com.
185
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
