fix: send proper otp token on web auth

[wraithgar]

No description provided.

[hashtagchris]

LGTM. Was this a recent regression?

[wraithgar]

@hashtagchris yes three weeks ago a lot of this otp code was consolidated and this one field was missed.

[npm-cli-bot]

no statistically significant performance changes detected

timing results

app-large	clean	lock-only	cache-only	modules-only	no-lock	no-cache	no-modules	no-clean	show-version	run-script	cache-only peer-deps	no-clean audit
npm@latest	28.751 ±0.48	11.029 ±0.06	12.029 ±0.10	1.579 ±0.01	1.587 ±0.00	1.309 ±0.00	8.434 ±0.01	1.300 ±0.00	0.143 ±0.00	0.172 ±0.00	15.172 ±0.11	2.185 ±0.11
#7545	28.938 ±0.24	11.067 ±0.04	12.041 ±0.06	1.628 ±0.07	1.580 ±0.02	1.296 ±0.00	8.478 ±0.09	1.320 ±0.02	0.143 ±0.00	0.168 ±0.00	15.089 ±0.13	2.229 ±0.17

app-medium	clean	lock-only	cache-only	modules-only	no-lock	no-cache	no-modules	no-clean	show-version	run-script	cache-only peer-deps	no-clean audit
npm@latest	22.457 ±0.04	8.237 ±0.05	9.113 ±0.04	1.534 ±0.01	1.528 ±0.02	1.416 ±0.01	5.953 ±0.03	1.347 ±0.01	0.141 ±0.00	0.170 ±0.00	10.143 ±0.03	1.987 ±0.01
#7545	22.087 ±0.16	8.203 ±0.00	9.019 ±0.02	1.537 ±0.02	1.530 ±0.01	1.420 ±0.00	5.941 ±0.03	1.344 ±0.02	0.140 ±0.00	0.172 ±0.00	10.079 ±0.05	2.023 ±0.02

[clickwithclark]

can confirm "otp" fails because ["otp" with value "[object Object]" fails to match the required pattern: /^\d+$/, "otp" length must be 64 characters long] is still a bug on 10.8.0 as of today, downgrading with npm i -g npm@10.7.0 I was able to get my package published, mentioning it here as this issue was quoted as it being fixed wit this pr.