Using digits to login

I wanted to allow my users to login eith a 6 digit code I send my email. My workflow is:

  • I call a background api that generates the 6 digit code, emails it and sets a hash (6 digit code plus static passfrase + date of the day) as the password of a user
  • when the users gives me the code I create the hash again and log the user in on the application

I thing because of the background workflow and the normale workflow the user never sees the passfrase and how the password is hashed

It this a save way of logging in? Did I miss something?