POST `/mfa/totp/verify`

验证用户提交的TOTP验证码，验证通过后启用TOTP多因素认证。使用限流保护（checkRateLimit）。参考：RFC 6238 (TOTP)、OWASP ASVS V2.8.3。

MFA `bearerAuth` application/json

Request Body

Schema: dto.TOTPVerifyRequest

Field	Type	Required	Example	Constraints	Description
`code`	`string`	Yes

Responses

Status	Description	Schema
200	验证成功	`dto.ValidDetailResponse`
400	参数错误或验证码无效	`gitee_com_linmes_authms_base_dto.SimpleResponse`
401	未认证	`gitee_com_linmes_authms_base_dto.SimpleResponse`
429	请求过于频繁	`gitee_com_linmes_authms_base_dto.SimpleResponse`
500	服务器内部错误	`gitee_com_linmes_authms_base_dto.SimpleResponse`

Referenced Schemas

dto.ValidDetailResponse

Field	Type	Required	Example	Constraints	Description
`code`	`integer`	No
`data`	`dto.ValidResponse`	No
`message`	`string`	No
`timestamp`	`string`	No

dto.ValidResponse

Field	Type	Required	Example	Constraints	Description
`valid`	`boolean`	No	`True`

gitee_com_linmes_authms_base_dto.SimpleResponse

Field	Type	Required	Example	Constraints	Description
`code`	`integer`	No
`message`	`string`	No
`timestamp`	`string`	No

Try this API in Scalar → Download OpenAPI spec (JSON) ↓

↑