i need to use speakeasy with express js to generate OTP and sending it by nodemailer to user in forget-password route with post request {i received email form user} then in another post request route named verify-otp i need to get the otp from user and catch the secret value from forget-password route to verify it with the user otp i used cookie-parser to save the secret key in cookie while forget-password route and saved successfully and get it from cookie in verify-otp request and already successfully get the data but when i verified always get false action forget-password function

verify-otp function

index.js file

please i need the help

i tried to use res .cookie("sk", secret, { secure: true, expires: new Date(Date.now() + 300000), maxAge: 300000, }) .json({ status: httpsStatusText.SUCCESS, data: { message: "OTP sent successfully, OPT valid only for 5 minutes", }, });

and const { otp: token } = req.body; const secret = req.cookies.sk;

const verified = await speakeasy.totp.verify({ secret, encoding: "base32", token, });

but always get false value for verified