totp-generator
Advanced tools
totp-generator lets you generate TOTP tokens from a TOTP key
import { TOTP } from "totp-generator"
// Keys provided must be base32 strings, ie. only containing characters matching (A-Z, 2-7, =).
const { otp, expires } = await TOTP.generate("JBSWY3DPEHPK3PXP")
console.log(otp) // prints a 6-digit time-based token based on provided key and current time
Settings can be provided as an optional second parameter:
import { TOTP } from "totp-generator"
const { otp } = await TOTP.generate("JBSWY3DPEHPK3PXP", { digits: 8 })
console.log(otp) // prints an 8-digit token
const { otp } = await TOTP.generate("JBSWY3DPEHPK3PXP", { digits: 8, explicitZeroPad: true })
console.log(otp) // prints an 8-digit token (with explicit zero padding to always be 8 digits long)
const { otp } = await TOTP.generate("JBSWY3DPEHPK3PXP", { algorithm: "SHA-512" })
console.log(otp) // prints a token created using a different algorithm
const { otp } = await TOTP.generate("JBSWY3DPEHPK3PXP", { period: 60 })
console.log(otp) // prints a token using a 60-second epoch interval
const { otp } = await TOTP.generate("JBSWY3DPEHPK3PXP", { timestamp: 1465324707000 })
console.log(otp) // prints a token for given time
const { otp } = await TOTP.generate("JBSWY3DPEHPK3PXP", {
digits: 8,
algorithm: "SHA-512",
period: 60,
timestamp: 1465324707000,
})
console.log(otp) // prints a token using all custom settings combined
The generate() method has been refactored to be asynchronous. This was done by replacing the external jssha library with the native Web Crypto API, which is more secure and performant.
| Before (v1.x.x) | After (v2.0.0) |
|---|---|
const token = generate(secret); | const token = await generate(secret); |
otplib is a comprehensive library for generating and validating both TOTP and HOTP (HMAC-based One-Time Passwords). It offers more configuration options and supports both TOTP and HOTP, making it more versatile compared to totp-generator.
speakeasy is another popular library for generating and verifying TOTP and HOTP. It provides a wide range of features including QR code generation for easy setup with authenticator apps. It is more feature-rich compared to totp-generator.
notp is a minimalistic library for generating and verifying TOTP and HOTP. It is lightweight and easy to use, but it lacks some of the advanced features found in otplib and speakeasy. It is simpler but less versatile compared to totp-generator.
FAQs
Generate TOTP tokens from key
The npm package totp-generator receives a total of 178,961 weekly downloads. As such, totp-generator popularity was classified as popular.
We found that totp-generator demonstrated a healthy version release cadence and project activity because the last version was released less than a year ago. It has 1 open source maintainer collaborating on the project.
Did you know?
Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.
Security News
GitHub postponed a new billing model for self-hosted Actions after developer pushback, but moved forward with hosted runner price cuts on January 1.
Research
Destructive malware is rising across open source registries, using delays and kill switches to wipe code, break builds, and disrupt CI/CD.
Security News
Socket CTO Ahmad Nassri shares practical AI coding techniques, tools, and team workflows, plus what still feels noisy and why shipping remains human-led.