UNPKG

modern-totp

Version:

Modern TypeScript TOTP generator and verifier (RFC 6238)

100 lines (73 loc) 2.9 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
# Modern TOTP Generator & Validator A simple utility to generate **One-Time Passwords (OTPs)** and **OTP Auth URLs** for applications like Google Authenticator, Authy, and Microsoft Authenticator. Supports **TOTP** (Time-based OTP) with configurable parameters and **QR code generation**. ## 📦 Installation ```bash npm install modern-totp ``` ## 🚀 Usage ### 1. ES Module (import) ```javascript import { generateOtp, generateOtpAuthUrl } from 'modern-totp'; import QRCode from 'qrcode'; // Generate an OTP const otp = generateOtp('JBSWY3DPEHPK3PXP'); // secret console.log('Generated OTP:', otp); // Generate OTP Auth URL const otpAuthUrl = generateOtpAuthUrl( 'JBSWY3DPEHPK3PXP', // secret 'user@example.com', // account 'MyApp' // issuer ); console.log('OTP Auth URL:', otpAuthUrl); // Generate QR Code QRCode.toDataURL(otpAuthUrl, (err, imageUrl) => { if (err) throw err; console.log('QR Code Data URL:', imageUrl); }); ``` ### 2. CommonJS (require) ```javascript const { generateOtp, generateOtpAuthUrl } = require('modern-totp'); const QRCode = require('qrcode'); // Generate an OTP const otp = generateOtp('JBSWY3DPEHPK3PXP'); // secret console.log('Generated OTP:', otp); // Generate OTP Auth URL const otpAuthUrl = generateOtpAuthUrl( 'JBSWY3DPEHPK3PXP', // secret 'user@example.com', // account 'MyApp' // issuer ); console.log('OTP Auth URL:', otpAuthUrl); // Generate QR Code QRCode.toDataURL(otpAuthUrl, (err, imageUrl) => { if (err) throw err; console.log('QR Code Data URL:', imageUrl); }); ``` ## 📖 API Reference ### `generateOtp(secret: string, digits?: number, period?: number, algorithm?: string): string` Generates a **time-based OTP**. * **`secret`**: Base32 encoded secret key. * **`digits`**: OTP length (default: `6`). * **`period`**: Validity in seconds (default: `30`). * **`algorithm`**: Hash algorithm (`SHA1`, `SHA256`, `SHA512`). ### `generateOtpAuthUrl(secret: string, account: string, issuer: string, algorithm?: string, digits?: number, period?: number): string` Generates an **otpauth://** URL for TOTP apps. * **`secret`**: Base32 encoded secret. * **`account`**: User account identifier (email, username, etc.). * **`issuer`**: App or service name. * **`algorithm`**: `SHA1`, `SHA256`, or `SHA512` (default: `SHA1`). * **`digits`**: OTP length (default: `6`). * **`period`**: Validity in seconds (default: `30`). ## 🔹 Example Output ``` Generated OTP: 482193 OTP Auth URL: otpauth://totp/MyApp:user%40example.com?secret=JBSWY3DPEHPK3PXP&issuer=MyApp&algorithm=SHA1&digits=6&period=30 QR Code Data URL: data:image/png;base64,iVBORw0... ``` ## 📌 Notes * The **OTP Auth URL** can be scanned in Google Authenticator, Authy, or any TOTP-compatible app. * Use the `qrcode` package to generate QR codes for easier setup. * Keep your secret key safe — anyone with it can generate valid OTPs.