From 14027a9075b1cb04418bed9e11eb24f89037bf8c Mon Sep 17 00:00:00 2001
From: maliming <malimings@gmail.com>
Date: Fri, 24 Apr 2026 12:33:17 +0800
Subject: [PATCH] address copilot review: treat expiration boundary as
 inclusive

---
 .../Volo/Abp/Identity/AspNetCore/AbpTwoFactorTokenProvider.cs   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/modules/identity/src/Volo.Abp.Identity.AspNetCore/Volo/Abp/Identity/AspNetCore/AbpTwoFactorTokenProvider.cs b/modules/identity/src/Volo.Abp.Identity.AspNetCore/Volo/Abp/Identity/AspNetCore/AbpTwoFactorTokenProvider.cs
index f4a596c433..11fabf3c6b 100644
--- a/modules/identity/src/Volo.Abp.Identity.AspNetCore/Volo/Abp/Identity/AspNetCore/AbpTwoFactorTokenProvider.cs
+++ b/modules/identity/src/Volo.Abp.Identity.AspNetCore/Volo/Abp/Identity/AspNetCore/AbpTwoFactorTokenProvider.cs
@@ -93,7 +93,7 @@ public abstract class AbpTwoFactorTokenProvider : IUserTwoFactorTokenProvider<Id
             return false;
         }
 
-        if (ToUnixSeconds(Clock.Now) > expiresAtUnixSeconds)
+        if (ToUnixSeconds(Clock.Now) >= expiresAtUnixSeconds)
         {
             await TryRemoveStoredTokenAsync(manager, user, tokenName);
             return false;