OTP io
Typed library to work 2fa via Google Authenticator/Time-based TOTP/Hmac-based HOTP
Example • API Reference
Why use this lib?
Install
npm
npm i otp-io
Yarn
yarn add otp-io
What is this?
HOTP
- HMAC-based One Time Password generation method. Uses incrementing with each login counter
and secret
to generate unique 6-8 digit codes.TOTP
- Time-based, uses current time
modulo period
(seconds) as counter in HOTP
,Google Authenticator
- uses simplified version of TOTP
to generate codes. Differences:
- Only
SHA-1
hash support - Only 6 digit codes
- Keys should not be padded
- TOTP period is 30 seconds
Google Authenticator limits are defaults for this library.
How it works?
import { totp, generateKey, getKeyUri } from "otp-io";
import { hmac, randomBytes } from "otp-io/crypto";
const key = generateKey(randomBytes, 20);
const url = getKeyUri({
type: "totp",
secret,
name: "User's Username",
issuer: "Your Site Name"
});
const input = "...";
const code = await totp(hmac, { secret });
if (code === input) {
}
Api Reference
API Reference