Skip to content
/ 2fa-server-node Public

A node module implementing TOTP (2-factor authentication) for comunication between servers.

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

jlcvp/2fa-server-node

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

15 Commits
lib
lib
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
package-lock.json
package-lock.json
 
 
package.json
package.json
 
 

Repository files navigation

2factor-auth

NPM

Module for generating and verifying 2FA codes (specifically TOTP and HOTP).

Also contains utilities for handling common 2FA business logic, such as generating backup codes and otpauth urls.

Install

npm install --save 2factor-auth

Usage

with async/await (or promises)

const tfa = require('2factor-auth');

function registerUserTwoFactor() {
  // Name of your service (will appear on top of the authenticator app)
  const serviceName = 'Cool service that is 2FA protected';

  // Account name of the user (will also appear in the authenticator app)
  const account = 'myUsername@email.com';

  // generate crypto-secure hex key with 32 characters
  const key = await tfa.generateKeyPromise(32);

  // generate 8 crypto-secure backups codes with in a user-friendly pattern (xxxx-xxxx)
  // [ '7818-b7b8', '3526-d3f2', 'be3c-5d9f', ... ]
  const codes = await tfa.generateBackupCodesPromise(8);

  // generate a URL for the user to open in their 2FA app
  const url = tfa.generateURL(serviceName, account, key);
  // otpauth://totp/...
  
  // send this URL to the user, generate a QR code, etc.

  /** SAVE THE CODES AND KEY IN YOUR BACKEND/DB associated to the user **/
}

function verifyTwoFactorCode(secret_key, receivedCode) {

  // verify the received code without drift
  const valid = tfa.verifyTOTP(secret_key, receivedCode);
  
  // verify the received code with drift (allows for some time difference between the server and the client)
  const validWithDrift = tfa.verifyTOTP(secret_key, receivedCode, {
    beforeDrift: 2,
    afterDrift: 2
  });

  return valid;
}

with Callbacks

const tfa = require('2factor-auth');

function registerUserTwoFactor(callback) {
  // Name of your service (will appear on top of the authenticator app)
  const serviceName = 'Cool service that is 2FA protected';

  // Account name of the user (will also appear in the authenticator app)
  const account = 'myUsername@email.com';

  // generate crypto-secure hex key with 32 characters
  tfa.generateKey(32, (err, key) => {
    if (err) {
      callback(err);
      return;
    }

    // generate 8 crypto-secure backups codes with in a user-friendly pattern (xxxx-xxxx)
    // [ '7818-b7b8', '3526-d3f2', 'be3c-5d9f', ... ]
    tfa.generateBackupCodes(8, (err, codes) => {
      if (err) {
        callback(err);
        return;
      }

      // generate a URL for the user to open in their 2FA app
      const url = tfa.generateURL(serviceName, account, key);
      // otpauth://totp/...
      
      // send this URL to the user, generate a QR code, etc.

      /** SAVE THE CODES AND KEY IN YOUR BACKEND/DB associated to the user **/
      callback(null);
    });
  });
}

function verifyTwoFactorCode(secret_key, receivedCode) {
  // verify the received code without drift
  const valid = tfa.verifyTOTP(secret_key, receivedCode);
  
  // verify the received code with drift (allows for some time difference between the server and the client)
  const validWithDrift = tfa.verifyTOTP(secret_key, receivedCode, {
    beforeDrift: 2,
    afterDrift: 2
  });


  return valid;
}

About

A node module implementing TOTP (2-factor authentication) for comunication between servers.

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

3 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 2

  •  
  •  

Languages