
@epic-web/totp - npm Package Compare versions

Comparing version 1.1.2 to 1.1.3

2

index.d.ts

@@ -15,3 +15,3 @@ /**

* base32 encoded (you can use https://npm.im/thirty-two). Defaults to a random
* secret: base32.encode(crypto.randomBytes(10)).toString().
* secret: base32Encode(crypto.randomBytes(10), 'RFC4648').
* @returns {{otp: string, secret: string, period: number, digits: number, algorithm: string, charSet: string}}

@@ -18,0 +18,0 @@ * The OTP, secret, and config options used to generate the OTP.

@@ -6,6 +6,4 @@ /**

/**
* @type {{ encode: (data: string | import('buffer').Buffer) => string, decode: (data: string) => import('buffer').Buffer }}
*/
import * as base32 from 'thirty-two'
import base32Encode from 'base32-encode'
import base32Decode from 'base32-decode'

@@ -27,3 +25,3 @@ // SHA1 is not secure, but in the context of TOTPs, it's unrealistic to expect

*
* @param {Buffer} secret - The secret used to generate the HOTP.
* @param {ArrayBuffer} secret - The secret used to generate the HOTP.
* @param {Object} options - The configuration options for the HOTP.

@@ -49,3 +47,4 @@ * @param {number} [options.counter=0] - The counter value to use for the HOTP.

const byteCounter = Buffer.from(intToBytes(counter))
const hmac = crypto.createHmac(algorithm, secret)
const secretBuffer = Buffer.from(secret)
const hmac = crypto.createHmac(algorithm, secretBuffer)
const digest = hmac.update(byteCounter).digest('hex')

@@ -124,3 +123,3 @@ const hashBytes = hexToBytes(digest)

* base32 encoded (you can use https://npm.im/thirty-two). Defaults to a random
* secret: base32.encode(crypto.randomBytes(10)).toString().
* secret: base32Encode(crypto.randomBytes(10), 'RFC4648').
* @returns {{otp: string, secret: string, period: number, digits: number, algorithm: string, charSet: string}}

@@ -133,6 +132,6 @@ * The OTP, secret, and config options used to generate the OTP.

algorithm = DEFAULT_ALGORITHM,
secret = base32.encode(crypto.randomBytes(10)).toString(),
secret = base32Encode(crypto.randomBytes(10), 'RFC4648'),
charSet = DEFAULT_CHAR_SET,
} = {}) {
const otp = generateHOTP(base32.decode(secret), {
const otp = generateHOTP(base32Decode(secret, 'RFC4648'), {
counter: getCounter(period),

@@ -213,3 +212,11 @@ digits,

}) {
return verifyHOTP(otp, base32.decode(secret), {
let decodedSecret
try {
decodedSecret = base32Decode(secret, 'RFC4648')
} catch (error) {
// If the secret is invalid, return null
return null
}
return verifyHOTP(otp, Buffer.from(decodedSecret), {
counter: getCounter(period),

@@ -216,0 +223,0 @@ digits,
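Review bot: The default secret in the `@@ -133,6 +132,6 @@` hunk is still built from `crypto.randomBytes(10)`, which is only 80 bits of key material; RFC 4226 requires a shared secret of at least 128 bits and recommends 160. Since this line is being rewritten anyway, I would change it to `secret = base32Encode(crypto.randomBytes(20), 'RFC4648'),` and update the doc comments that describe the default (the `@@ -124,3 +123,3 @@` hunk here and the matching line in index.d.ts). Only secrets generated when the caller omits `secret` are affected, so secrets that are already enrolled should keep verifying. The enclosing function's signature begins above the hunk and its body continues below it.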

@@ -14,3 +14,3 @@ {

},
"version": "1.1.2",
"version": "1.1.3",
"description": "Create and verify cryptographically secure Time-based One-time Passwords (TOTP) using the HMAC-based One-time Password (HOTP) algorithm.",

@@ -20,3 +20,4 @@ "main": "index.js",

"test": "node --test --test-reporter spec --experimental-test-coverage *.test.js",
"test:watch": "node --test --test-reporter spec --watch *.test.js"
"test:watch": "node --test --test-reporter spec --watch *.test.js",
"typecheck": "npx -p typescript tsc --declaration --emitDeclarationOnly --allowJs --checkJs --downlevelIteration --module nodenext --moduleResolution nodenext --target es2022 --outDir . index.js"
},

@@ -38,3 +39,4 @@ "keywords": [

"dependencies": {
"thirty-two": "^1.0.2"
"base32-decode": "^1.0.0",
"base32-encode": "^2.0.0"
},

@@ -41,0 +43,0 @@ "engines": {
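Review bot: The new `typecheck` script calls `npx -p typescript tsc …` without a version, so unless a local install is present each run resolves whichever TypeScript release npx picks at that moment. With `--emitDeclarationOnly --outDir .` that compiler writes the `index.d.ts` that ships in the package. Pin it by adding `typescript` to devDependencies and calling `tsc` directly, or at least use `npx -p typescript@<pinned-version> tsc …`, so the declaration build is reproducible. No devDependencies block is visible in these hunks, so this may already be handled elsewhere in the file.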
