Skip to content

Lightweight RFC-compliant TOTP authentication library based on crypto

License

Notifications You must be signed in to change notification settings

stevent-team/totp

Repository files navigation

🔑 totp

Lightweight rfc-compliant TOTP authentication library for nodejs based on crypto

npm version minzip size

Warning This package is unstable and still in active development. You are more than welcome to contribute and make use of it but please note that there may be breaking changes

Conforms to the IETF RFC 6238 specification including all interoperability test vectors.

Installation

yarn add @stevent-team/totp

Examples

import { generateTotp, validateTotp, type TotpOptions } from '@stevent-team/totp'

// Configure
const config: TotpOptions = {
  secret: process.env['MY_SECRET_KEY'], // REQUIRED
  timestamp: Date.now(),
  period: 30, // seconds
  periodOffset: 0,
  algorithm: 'sha512',
  outputDigits: 6,
}

// Generate a one time password (on a client)
const pass = generateTotp(config)
console.log(pass) // 568231

// Validate the one time password (on a server)
const isValid = validateTotp(pass, config)
console.log(isValid) // true

Contributing

Issue and PR contributions are greatly welcomed and appreciated!

License

totp is licensed under MIT

Created with love by the Stevent Team 💙