Nerdy Programmers Mingling

    meiaentrada-otp

    1.0.15 • Public • Published

    MEIA ENTRADA OTP

    This is a simple library to implement features based on OTP (One-Time Password) algorithms, more specific TOTP algorithm. OTP algorithms are commonly used to implement two factor authentication (2FA). There are two algorithms: HOTP(HMAC-based One-Time Password) and TOTP(Time-Based One-Time Password):

    • HOTP This algorithm generates a otp code based in a secret, current timestamp and a event counter, see RFC 4226.
    • TOTP This algorithm generates the otp code based in a secret and current timestamp. see RFC 6238

    To install

    To install and save this dependencie in package.json:

    npm i meiaentrada-otp --save

    To simple install:

    npm i meiaentrada-otp

    Knowledge

    • secret: A unique key value per user to generate otp values; For example: "secret_of_client_01"

    • holder: A value to represent a people or entity that is using otp value like a client. For example: "bank_01"

    • issuer: A value to represent the website or enterprise that is generating otp values to clients. For example: "bank_client_01"

    • otp value: A positive number with 6 characters. For example: "123456"

    Methods

    generateKey() Generates a 32-character (160-bit) base32 key

    generateOtpURI(secret, holder, issuer) Generate a URI base on OTPAUTH protocol - for more info. There is only a exception, the holder information is present on the URI params.

    isValidTokenOTP(secret, otpValue) Validates a time-based token within a +/- 30 second (90 seconds) window. Return true or false in according with secret, current timestamp and otp value.

    generateTokenOTP(secret) Generates a 6-digit (20-bit) decimal time-based token

    Usage

    const otp = require('meiaentrada-otp');
     
    const secret = otp.generateKey();
    console.log(secret); // "igxo jj5n gpuj gv4c lotw ve7d tmlu xftb"
     
    const holder = 'user_01';
    const issuer = 'enterprise_01';
     
    const uri = otp.generateOtpURI(secret, holder, issuer);
    console.log(uri); // otpauth://totp/enterprise_01:user_01?secret=7MEYUZ52337HOOKX25GE3RVIMQ6MJK4O&issuer=enterprise_01&algorithm=SHA1&digits=6&period=30&holder=user_01
     
    const otpCode = otp.generateTokenOTP(secret);
    console.log(otpCode); // 774729
     
    let isValidToken = otp.isValidTokenOTP(secret, otpCode);
    console.log(isValidToken); // true
     
    isValidToken = otp.isValidTokenOTP('wrong-secret', otpCode);
    console.log(isValidToken); // false

    Install

    npm i meiaentrada-otp

    DownloadsWeekly Downloads

    17

    Version

    1.0.15

    License

    ISC

    Unpacked Size

    3.67 kB

    Total Files

    3

    Last publish

    Collaborators

    • otavaresgabriel