2FA Code Generation in Appwrite Functions is always wrong

log("MFA Setup -- Verify Code");
    const userId = req.body.userId;
      if (!req.body.mfacode && req.body.mfacode && req.body.mfacode.length != 6) {
        return res.status(500).json("Error!");
    }

    const user = await users.get(userId);
    const member = await db.getDocument("maindb", "member", userId);

    let status = 0;

    if (!user) {
        return res.status(500).json("Error!");
    }

    
    let secret = OTPAuth.Secret.fromBase32(member.mfaCode);
    let totp = new OTPAuth.TOTP({
      issuer: encodeURIComponent('PVA.ai'),
      label: encodeURIComponent(user.email),
      algorithm: 'SHA1',
      digits: 6,
      period: 30,
      secret: secret,
    }); //<----- here specifically
    let token = totp.generate();
    let tokenSame = totp.validate({ token: req.body.mfacode });

    log(`mfaToken: ${token} -- req.body.mfacode: ${req.body.mfacode} -- tokenSame: ${tokenSame}`);
    log(`Timestamp right now: ${Date.now().toFixed(4)} -- Timestamp sent: ${timestamp} -- Difference: ${Date.now().toFixed(4) - timestamp}`);

    if (tokenSame) {

        let data = {
            mfaSetup: true,
        };
        await db.updateDocument("maindb", "member", userId, data);
        status = 1;

        try {

            return res.json({
                type: "success",
                status: status,
            });

        } catch (error) {
            log(error);
            return res.json({ type: "error", message: error });
        }

    } else {
      return res.json({
        type: "error",
        message: "Token Mismatch",
        status: status,
      })
    }

-let secret = OTPAuth.Secret.fromBase32(member.mfaCode);
+let secret = member.mfaCode;

let secret = OTPAuth.Secret.fromBase32(crypto.randomBytes(20));

let secret = new OTPAuth.Secret({buffer: crypto.randomBytes(20)});

let secret = OTPAuth.Secret.fromBase32(member.mfaCode);