jsotp

jsotp is a node module to generate and verify one-time passwords that were used to implement 2FA and MFA authentication method in web applications and other login-required systems.

The module was implement based on RFC4226 (HOTP: An HMAC-Based One-Time Password Algorithm) and RFC6238 (TOTP: Time-Based One-Time Password Algorithm)

Example

Feature

Generate random base32 encoded string
Generate a otpauth url with the b32 encoded string
Create a HOTP object with verification
Verify a HOTP token
Create a TOTP object with verification
Verify a TOTP token

Installation

npm install jsotp

Module

All modules support:

const jsotp = require('jsotp');

Usage

Time-based OTPs

// import
const jsotp = require('jsotp');
 
// Create TOTP object
const totp = jsotp.TOTP('BASE32ENCODEDSECRET');
totp.now(); // => 432143
 
// Verify for current time
totp.verify(432143); // => true
 
// Verify after 30s
totp.verify(432143); // => false

Counter-based OTPs

// import
const jsotp = require('jsotp');
 
// Create HOTP object
const hotp = jsotp.HOTP('BASE32ENCODEDSECRET');
hotp.at(0); // => 432143
hotp.at(1); // => 231434
hotp.at(2132); // => 242432
 
// Verify with a counter
hotp.verify(242432, 2132); // => true
hotp.verify(242432, 2133); // => false

Generate random base32 encoded secret

// import
const jsotp = require('jsotp');
 
// Generate
const b32_secret = jsotp.Base32.random_gen();

Api

• jsotp.Base32.random_gen(length)

param: length
type: int
default: 16
return: String
desc: the length of random base32 encoded string.

• jsotp.TOTP(secret)

param: secret
type: string
return: TOTP
desc: generate TOTP instance.

• jsotp.TOTP.now()

return: String
desc: get the one-time password with current time.

• jsotp.TOTP.verify(totp)

param: totp
type: string
return: Boolean
desc: verify the totp code.

• jsotp.TOTP.url_gen(issuer)

param: issuer
type: string
return: string
desc: generate url with TOTP instance

• jsotp.HOTP(secret)

param: secret
type: string
return: HOTP
desc: generate HOTP instance.

• jsotp.HOTP.at(counter)

param: counter
type: int
return: String
desc: generate one-time password with counter.

• jsotp.HOTP.verify(hotp, count)

param: hotp
type: string
param: count
type: int
return: Boolean
desc: verify the hotp code.

• jsotp.HOTP.url_gen(issuer)

param: issuer
type: string
return: string
desc: generate url with HOTP instance

Contribute

Clone repo and install dependencies

git clone git@github.com:LanceGin/jsotp.git
npm install

Contribute the code in src/, and run command below to build the es6 code to es2015. That will create a local directory named lib/.

npm run build

Unit test

npm test

jsotp

jsotp

Example

Feature

Installation

Module

Usage

Time-based OTPs

Counter-based OTPs

Generate random base32 encoded secret

Api

• jsotp.Base32.random_gen(length)

• jsotp.TOTP(secret)

• jsotp.TOTP.now()

• jsotp.TOTP.verify(totp)

• jsotp.TOTP.url_gen(issuer)

• jsotp.HOTP(secret)

• jsotp.HOTP.at(counter)

• jsotp.HOTP.verify(hotp, count)

• jsotp.HOTP.url_gen(issuer)

Contribute

中文文档

/jsotp/

Package Sidebar

Install

Repository

Homepage

Weekly Downloads

Version

License

Unpacked Size

Total Files

Last publish

Collaborators

jsotp

jsotp

Example

Feature

Installation

Module

Usage

Time-based OTPs

Counter-based OTPs

Generate random base32 encoded secret

Api

• jsotp.Base32.random_gen(length)

• jsotp.TOTP(secret)

• jsotp.TOTP.now()

• jsotp.TOTP.verify(totp)

• jsotp.TOTP.url_gen(issuer)

• jsotp.HOTP(secret)

• jsotp.HOTP.at(counter)

• jsotp.HOTP.verify(hotp, count)

• jsotp.HOTP.url_gen(issuer)

Contribute

中文文档

/jsotp/

Package Sidebar

Install

Repository

Homepage

DownloadsWeekly Downloads

Version

License

Unpacked Size

Total Files

Last publish

Collaborators

Weekly Downloads