Skip to content

zero dependency time-based one-time password provider based on rfc6238

License

Notifications You must be signed in to change notification settings

distrentic/totp

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

8 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

totp

npm version

zero dependency time-based one-time password provider based on rfc6238.

Installation

npm install @distrentic/totp
yarn add @distrentic/totp

Usage

import totp from "@distrenctic/totp";

const purpose = "EmailConfirmation";
const userId = "cknxpnrvf000001jp176m87ik";
const modifier = `TOTP:${purpose}:${userId}`;

const securityStamp = "soub@WOOL8pow-mol";
const token = Buffer.from(securityStamp, "utf-8");

const code = totp.generateCode(token, modifier);

console.log(code);
// => 112233

const isValid = totp.validateCode(code, token, modifier);

console.log(isValid);
// => true

API

Methods

  • generateCode(< Buffer > token[, < string > modifier]) - (number) - Generates a new time-based one-time password. Default time-step is 3 minutes.

    • token - Buffer - a secure random token (e.g. user's security stamp)
    • modifier - string - (optional) reason to create this one-time password
  • validateCode(< number > code, < Buffer > token[, < string > modifier]) - (boolean) - Validates the time-based one-time password. Allows a variance of no greater than 9 minutes in either direction.

    • code - number - code to be validated
    • token - Buffer - token that is used to create one-time password
    • modifier - string - (optional) reason to create this one-time password

License

Licensed under MIT license (LICENSE or http://opensource.org/licenses/MIT)