Notoriously Punctual Manatee

    passport-totp

    0.0.2 • Public • Published

    Passport-TOTP

    Passport strategy for two-factor authentication using a TOTP value.

    This module lets you authenticate using a TOTP value in your Node.js applications. By plugging into Passport, TOTP two-factor authentication can be easily and unobtrusively integrated into any application or framework that supports Connect-style middleware, including Express. TOTP values can be generated by hardware devices or software applications, including Google Authenticator.

    Note that in contrast to most Passport strategies, TOTP authentication requires that a user already be authenticated using an initial factor. Requirements regarding when to require a second factor are a matter of application-level policy, and outside the scope of both Passport and this strategy.

    Install

    $ npm install passport-totp
    

    Usage

    Configure Strategy

    The TOTP authentication strategy authenticates a user using a TOTP value generated by a hardware device or software application (known as a token). The strategy requires a setup callback.

    The setup callback accepts a previously authenticated user and calls done providing a key and period used to verify the HOTP value. Authentication fails if the value is not verified.

    passport.use(new TotpStrategy(
      function(user, done) {
        TotpKey.findOne({ userId: user.id }, function (err, key) {
          if (err) { return done(err); }
          return done(null, key.key, key.period);
        });
      }
    ));
    

    Authenticate Requests

    Use passport.authenticate(), specifying the 'totp' strategy, to authenticate requests.

    For example, as route middleware in an Express application:

    app.post('/verify-otp', 
      passport.authenticate('totp', { failureRedirect: '/verify-otp' }),
      function(req, res) {
        req.session.authFactors = [ 'totp' ];
        res.redirect('/');
      });
    

    Examples

    For a complete, working example, refer to the two-factor example.

    Tests

    $ npm install
    $ make test
    

    Build Status

    Credits

    License

    The MIT License

    Copyright (c) 2013 Jared Hanson <http://jaredhanson.net/>

    Install

    npm i passport-totp

    DownloadsWeekly Downloads

    14,414

    Version

    0.0.2

    License

    none

    Last publish

    Collaborators

    • jaredhanson