@ladjs/passport-otp-strategy

2.0.1 • Public • Published


Foreword

This is a fork of passport-otp, which is itself a fork of the Passport-TOTP library, and uses otplib instead of notp.

Passport strategy for two-factor authentication using a TOTP value.

This module lets you authenticate using a TOTP value in your Node.js applications. By plugging into Passport, TOTP two-factor authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express. TOTP values can be generated by hardware devices or software applications, including Google Authenticator and Authy.

Note that in contrast to most Passport strategies, TOTP authentication requires that a user already be authenticated using an initial factor. Requirements regarding when to require a second factor are a matter of application-level policy, and outside the scope of both Passport and this strategy.

Install

npm install @ladjs/passport-otp-strategy

Usage

Configure Strategy

The TOTP authentication strategy authenticates a user using a TOTP value generated by a hardware device or software application (known as a token). The strategy requires a setup callback.

The setup callback accepts a previously authenticated user and calls done providing a key used to verify the token value. Authentication fails if the value is not verified.

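passport.use(new OtpStrategy(
  {
    codeField: 'code', // name of the request field that carries the TOTP value
    authenticator: {}  // authenticator options (see below)
  },
  // Setup callback: look up the key used to verify this user's token.
  function(user, done) {
    TotpKey.findOne({ userId: user.id }, function (err, key) {
      if (err) { return done(err); }
      // No key stored for this user: report an error instead of dereferencing null.
      if (!key) { return done(new Error('No TOTP key found for user')); }
      return done(null, key.key);
    });
  }
));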

You can find a full listing of authenticator options here. Note that the crypto library will be used by default. If you want to change that, you can specify it in authenticator.crypto (more on that here).

Authenticate Requests

Use passport.authenticate(), specifying the 'otp' strategy, to authenticate requests.

For example, as route middleware in an Express application:

app.post(
  '/verify-otp',
  passport.authenticate('otp', { failureRedirect: '/verify-otp' }),
  function(req, res) {
    req.session.authFactors = [ 'otp' ];
    res.redirect('/');
  }
);
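
The route above records the second factor in req.session.authFactors, but nothing on the page checks that value on later requests. As an added example (not code from this package or from Passport), the middleware below enforces it and fails closed; requireOtp, simulate and the '/login' path are hypothetical names chosen for illustration.

```javascript
// Added example: gate routes on the factor recorded by the /verify-otp handler.
// From the page: req.session.authFactors and the '/verify-otp' route.
// From Passport: req.isAuthenticated(). Everything else is hypothetical.
function requireOtp(options = {}) {
  const loginPath = options.loginPath || '/login';   // assumed first-factor route
  const otpPath = options.otpPath || '/verify-otp';  // route from the example above

  return function (req, res, next) {
    // First factor: the user must already have a Passport login session.
    const loggedIn =
      typeof req.isAuthenticated === 'function' && req.isAuthenticated();
    if (!loggedIn) return res.redirect(loginPath);

    // Second factor: accept only an array that contains 'otp'.
    // The Array.isArray check matters: a string such as 'notp' would
    // otherwise pass a plain .includes('otp') test.
    const factors = req.session && req.session.authFactors;
    if (!Array.isArray(factors) || !factors.includes('otp')) {
      return res.redirect(otpPath);
    }
    return next();
  };
}

// Constructed request/response doubles so the gate runs without Express.
function simulate(req) {
  let outcome = null;
  const res = { redirect: (path) => { outcome = 'redirect:' + path; } };
  requireOtp()(req, res, () => { outcome = 'next'; });
  return outcome;
}

// Constructed sample requests covering each branch.
const samples = [
  { isAuthenticated: () => false, session: { authFactors: ['otp'] } },
  { isAuthenticated: () => true, session: {} },
  { isAuthenticated: () => true, session: { authFactors: 'notp' } },
  { isAuthenticated: () => true, session: { authFactors: ['otp'] } }
];
for (const sample of samples) console.log(simulate(sample));

// In an application: app.get('/account', requireOtp(), accountHandler);
```

Mount it on every route that must not be reachable with the first factor alone, and clear authFactors when the user logs out.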

Examples

For a complete, working example, refer to the Lad source code.

Tests

npm install
npm run test

Contributors

Name Website
Eric Hayes https://github.com/ejhayes
Jared Hanson https://github.com/jaredhanson

License

MIT © Eric Hayes
