should i store otp in session or database?
I regularly use database though
During the nextauth signing process i check if the user has a otp first on the db then check if it has expired if expired send new one and delete old otp
Else send the old otp that hasn't expired
During the nextauth signing process i check if the user has a otp first on the db then check if it has expired if expired send new one and delete old otp
Else send the old otp that hasn't expired
