vs-authenticator
This repo holds logic for generating TOTP (RFC6238) for 2FA
By default TOTP verification is based on 2 time step, meaning OTP is valid for 60 seconds. If there is need to validate TOTP from past then provide prevTimeSteps option
How to use
TOTP generation and verification
const VsAuthenticator = required("vs-authenticator");
const secret = VsAuthenticator.generateSecret();
const totp = VsAuthenticator.generateTOTP(secret.base32Secret);
// To verify TOTP provided by user
const isValidTOTP = VsAuthenticator.verifyTOTP( userProvidedTOTP, secret.base32Secret);
/**
* To verify past TOTP's
* Verify TOTP's from last 90 seconds ( as default step is of 30 seconds, 90 /30 = 3 )
*/
const isValidTOTP = VsAuthenticator.verifyTOTP( userProvidedTOTP, secret.base32Secret, 3);
Recovery codes generation
- Generate numbers as recover codes
const recoveryCodes = VsAuthenticator.generateRecoverCodes({
codeLength: 6,
codeType: "numbers",
numberOfCodes: 20
});
// console.log(recoveryCodes);
[
'438171', '090722', '317662',
'804551', '375587', '452225',
'306622', '028157', '174671',
'035603', '057717', '058642',
'106383', '469748', '854384',
'475571', '351376', '500001',
'253358', '514030'
]
2. Generate recovery codes with lowercase alphabet
const recoveryCodes = VsAuthenticator.generateRecoverCodes({
codeLength: 6,
codeType: "lowercase",
numberOfCodes: 20
});
// console.log(recoveryCodes);
[
'kqeisx', 'oscatr', 'jxpdpf',
'qymoaw', 'rkbatc', 'kqmvoe',
'cprkgf', 'ahegif', 'oicjur',
'wooivs', 'hyjmko', 'ouwgnv',
'jvhkum', 'wkgyjp', 'cgjosq',
'qbybjn', 'sciefw', 'cpawhe',
'smbqng', 'qglkpm'
]
3. Generate recovery codes with uppercase alphabet
const recoveryCodes = VsAuthenticator.generateRecoverCodes({
codeLength: 6,
codeType: "uppercase",
numberOfCodes: 20
});
// console.log(recoveryCodes);
[
'BSDDYS', 'XYOYVQ', 'NNXTVT',
'EEJTOT', 'YNVJGS', 'AXIALT',
'SAIHCL', 'QDRCHV', 'LNUGDF',
'JGLQJR', 'FJKGVJ', 'MXVOKT',
'CMFUDT', 'OSFMTV', 'PYXJGE',
'ADXAJN', 'YSUFSF', 'OLCFKY',
'IKIGOP', 'KMJPTI'
]
4. Generate recovery codes with only symbols (not good practice but it is generic function that can generate random symbols from charset)
const recoveryCodes = VsAuthenticator.generateRecoverCodes({
codeLength: 6,
codeType: "symbols",
numberOfCodes: 20
});
// console.log(recoveryCodes);
[
'?<]?%}', '&#!&};', '}@,%@(',
'@.&}(/', '{*.}%%', ']].*?!',
'.?]#&(', '}?>*,#', ':!<@@>',
',.);:<', '#)$%.[', '],/>##',
'{!@!()', ']</)>[', ',[#<#!',
'?:@;:;', ',[:&(*', '*@,:*;',
'?$!:]]', ';>;!,<'
]
5. Generate recovery codes
const recoveryCodes = VsAuthenticator.generateRecoverCodes({
codeLength: 6,
codeType: "random",
numberOfCodes: 20
});
// console.log(recoveryCodes);
[
'GAT@A#', 'c4fxd;', 'o#@;6[',
'KfZ4mY', 'xX.)b$', 'Fwa)qh',
'AV$C7L', 'b;:7kh', 'l%it6T',
'6d!>E)', '$0po(b', 'Mk*k5B',
'nYp>/J', '.Gj$h1', 'x$xHb3',
'?{4zhv', 'sKKsLB', 'MVfAOG',
'&wDoY7', 'sQ@CHF'
]