bug: otp expire after validation and clear expired

[mohssineAboutaj]

I created two API routes

• /verify-OTP
• /reset-password

The first one contains this code

$otp = Otp::identifier($request->email)->attempt($request->otp);

The second one contains the same line with the force password reset function
The code is working fine, but the problem is when the OTP is valid in one route, it's not valid in another, it says expired
This means I can only use that OTP in one route
Do you know how I can fix this?

Also, how can I clear the Expired codes

Note: I'm using database/mysql as cache driver

[sadiqsalau]

To implement password reset you will need three routes.

• /forgot-password
• /verify-otp
• /reset-password

In the first route we will send the password reset OTP.
Second route will verify the OTP and automatically create a session in the cache for a password reset for that email.
Last route will accept an email address and a new password to update.

[mohssineAboutaj]

Yup I know and I already have those 3 routes
The problem is when the OTP is verified in the first time (in verify-otp) in the next route it says not valid

[sadiqsalau]

Yup I know and I already have those 3 routes The problem is when the OTP is verified in the first time (in verify-otp) in the next route it says not valid

The OTP can only be verified once...