- 📖 Overview
- 🛠️ Installation
- 🧪 Running Tests
- 🔑 OTP (One-Time Password)
- ✨ Custom OTP
- ⏳ TOTP (Time-based One-Time Password)
- 🔐 HOTP (HMAC-based One-Time Password)
- 🔐 Recovery Code
- 👨💻 Author
- 📄 License
otp-agent
is a JavaScript package designed for generating one-time passwords (OTPs). It supports various types of OTPs, including custom OTPs, Time-based One-Time Passwords (TOTP), HMAC-based One-Time Passwords (HOTP), and recovery codes. This package is useful for implementing secure authentication mechanisms in your applications.
- 🔒 Authentication Systems: Enhance security by using OTPs for two-factor authentication (2FA) or multi-factor authentication (MFA).
- 🔐 Transaction Verification: Securely verify transactions by requiring an OTP.
- 🔏 Access Control: Implement OTPs for temporary access to sensitive information or systems.
- ✨ Custom OTP Requirements: Generate OTPs with specific character sets for specialized use cases.
- ⏳ TOTP: Generate time-based OTPs that change after a specified period, ideal for time-sensitive authentication.
- 🔐 HOTP: Generate counter-based OTPs that change with each authentication attempt, suitable for systems requiring persistent OTPs until used.
- 🔐 Recovery Codes: Provide backup authentication methods when the primary OTP (OTP, TOTP, HOTP) method is unavailable.
To install the otp-agent
module, ensure you have Node.js installed. You can then install the module via the npm registry. Use the following command to add otp-agent
to your project:
npm install otp-agent
For more information on installing npm packages, refer to the npm documentation.
To run tests for the otp-agent
module, use the following command:
npm run test
An OTP is a password that is valid for only one login session or transaction. This module allows you to generate OTPs using numbers, alphabets, and special characters. The default length is 6 characters, but it can be customized up to 100 characters.
📄 Example & Usage (with import statement)
import { generateOTP } from "otp-agent";
let otp = generateOTP();
console.log(otp); // 526775
otp = generateOTP({ length: 4, numbers: true, alphabets: true });
console.log(otp); // i5v3
otp = generateOTP({
length: 8,
numbers: true,
alphabets: true,
upperCaseAlphabets: true,
specialChars: true,
});
console.log(otp); // NZ9O#akS
-
length
(optional): The length of the OTP. Default is 6. -
numbers
(optional): Include numbers in the OTP. Default is true. -
alphabets
(optional): Include alphabets in the OTP. Default is false. -
upperCaseAlphabets
(optional): Include uppercase alphabets in the OTP. Default is false. -
specialChars
(optional): Include special characters in the OTP. Default is false.
📄 Example & Usage (with require statement)
const { generateOTP } = require("otp-agent");
// Default OTP length is 6 and max is 100
const otp = generateOTP();
console.log(otp); // 543921
A Custom OTP is generated using a specified set of characters. This allows for more control over the characters included in the OTP, making it suitable for specific use cases where certain characters are required.
import { generateCustomOTP } from "otp-agent";
const customOTP = generateCustomOTP({ characters: "Abc@#$123", length: 5 });
console.log(`Generated OTP: ${customOTP}`); // 1@c3#
-
characters
: A string containing the set of characters to use for the OTP. -
length
(optional): The length of the OTP. Default is 6.
TOTP is an extension of OTP that uses the current time as a source of uniqueness. It generates a time-based OTP that changes after a certain period, typically 30 seconds. This is commonly used in two-factor authentication systems.
import { generateTOTP } from "otp-agent";
// Define your secret key
const totp = generateTOTP({ secret: "JBSWY3DPEHPK3PXP" });
console.log(totp); // 123456
-
secret
: A shared secret key used to generate the TOTP. -
timeStep
(optional): The time step in seconds. Default is 30. -
digits
(optional): The number of digits in the OTP. Default is 6. -
algorithm
(optional): The hashing algorithm to use (e.g., 'SHA-1', 'SHA-256', 'SHA-384', 'SHA-512'). Default is 'SHA-1'. -
encoding
(optional): The encoding of the secret key (e.g., 'ascii', 'hex', 'base32', 'base64'). Default is 'base32'.
HOTP is an OTP algorithm based on HMAC (Hash-based Message Authentication Code). It generates a counter-based OTP that changes with each authentication attempt. This is useful for systems where the OTP needs to remain valid until it is used.
import { generateHOTP } from "otp-agent";
// Define your secret key and counter
const hotp = generateHOTP({ secret: "JBSWY3DPEHPK3PXP", counter: 1 });
console.log(hotp); // 654321
-
secret
: A shared secret key used to generate the HOTP. -
counter
: A counter value that increments with each OTP generation. -
digits
(optional): The number of digits in the OTP. Default is 6. -
algorithm
(optional): The hashing algorithm to use (e.g., 'SHA-1', 'SHA-256', 'SHA-384', 'SHA-512'). Default is 'SHA-1'. -
encoding
(optional): The encoding of the secret key (e.g., 'ascii', 'hex', 'base32', 'base64'). Default is 'base32'.
Recovery codes are used as a backup method for authentication when the primary OTP method is unavailable. These codes are typically generated in advance and stored securely by the user.
import { generateRecoveryCodes } from "otp-agent";
const recoveryCodes = generateRecoveryCodes({
numberOfCodes: 4,
codeLength: 8,
});
console.log(recoveryCodes); // ['44ba0b8c', '3a550413', 'f7cb9a40', '046ee4a0']
-
numberOfCodes
: The number of recovery codes to generate. -
codeLength
: The length of each recovery code. -
encoding
(optional): The encoding of the recovery codes (e.g., 'hex', 'base32', 'base64'). Default is 'hex'.
© Licensed under the MIT License.