Skip to content

Latest commit

 

History

History
77 lines (49 loc) · 1.65 KB

README.md

File metadata and controls

77 lines (49 loc) · 1.65 KB
Raw

TOTPUtil

TOTPUtil is a Node.js utility class for generating and verifying Time-based One-Time Passwords (TOTP) for two-factor authentication (2FA).

Features

  • Generate secret keys for TOTP
  • Generate HOTP (HMAC-based One-Time Password)
  • Generate TOTP (Time-based One-Time Password)
  • Verify TOTP codes

Installation

npm install totputil

Usage

import TOTPUtil from 'totputil';

// Create a new TOTPUtil instance
const totpUtil = new TOTPUtil();

// Generate a secret key
const secret = totpUtil.generateSecret();
console.log('Secret:', secret);

// Generate a TOTP
const totp = totpUtil.generateTOTP(secret);
console.log('TOTP:', totp);

// Verify a TOTP
const isValid = totpUtil.verifyTOTP('123456', secret);
console.log('Is valid:', isValid);

API

constructor(secretLength = 20, timeStep = 30, codeDigits = 6)

Creates a new TOTPUtil instance.

  • secretLength: Length of the generated secret (default: 20)
  • timeStep: Time step in seconds (default: 30)
  • codeDigits: Number of digits in the generated TOTP (default: 6)

generateSecret()

Generates a new secret key.

generateHOTP(secret, counter)

Generates an HMAC-based One-Time Password.

  • secret: The secret key
  • counter: The counter value

generateTOTP(secret, window = 0)

Generates a Time-based One-Time Password.

  • secret: The secret key
  • window: Time window offset (default: 0)

verifyTOTP(otp, secret, window = 1)

Verifies a given TOTP against the secret.

  • otp: The TOTP to verify
  • secret: The secret key
  • window: Time window for verification (default: 1)

License

This project is licensed under the ISC License.