APM OTP authentication
We are using APM for OTP authentication , The problem is that there are a number of users who on purpose make the first registration using the username and password, then after the OTP-code arrives, they open another tab in the browser and request a new login, then a new OTP-code is sent to them and so on, how can I limit this by not allowing a new OTP-code to be sent In the event that the first code is still active, for example, for a period of 3 minutes