UNPKG

node-less-otp

Version:

A super lightweight library for generating and verifying one-time passwords (OTPs) without the database interaction and additional dependencies.

github.com/maxonlinux/node-less-otp

maxonlinux/node-less-otp

94 lines (93 loc) 3.98 kB
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
type LessOtpConfig = { /** Secret salt used for encryption (if not specified, the random key will be generated) */ secretSalt?: string; /** Encryption algorithm (default is 'aes-256-cbc') */ algorithm?: string; /** Initialization vector length (default is 16) */ ivLength?: number; /** Flag to indicate if the OTP hash set should be enabled to ensure that each OTP is only used once. Defaults to true (setting it to false is not recommended) */ enableSet?: boolean; }; type GenerateOptions = { /** * Template for OTP generation using a structured string format (defaults to 6 random digits e.g. 491945): * - 'N' for numeric (0-9) * - 'L' for lowercase letters (a-z) * - 'U' for uppercase letters (A-Z) * - 'A' for alphanumeric characters (0-9, a-z, A-Z) * - 'M' for mixed-case letters (both a-z and A-Z) * - 'N{3}' for a group of 3 random digits * - 'M{4}' for a group of 4 random mixed-case letters * - Groups can be combined with separators (e.g., '-') or any other characters. * * @example * // Generates OTP of format 'M{3}-N{3}' (e.g., 'aBc-123') * const otp = lessOtp.gen("user@example.com", { template: 'M{3}-N{3}' }); * console.log(otp); // Output: { otp: 'aBc-123', hash: '...', expiresAt: <timestamp> } * * @example * // Generates OTP of format 'L{3}-M{2}' (e.g., 'abc-CD') * const otp = lessOtp.gen("user@example.com", { template: 'L{3}-M{2}' }); * console.log(otp); // Output: { otp: 'abc-CD', hash: '...', expiresAt: <timestamp> } * * @example * // Generates OTP of format 'A{4}' (e.g., '1aB2') * const otp = lessOtp.gen("user@example.com", { template: 'A{4}' }); * console.log(otp); // Output: { otp: '1aB2', hash: '...', expiresAt: <timestamp> } * * @example * // Generates OTP of format 'N{2}-M{2}-U{2}' (e.g., '12-ab-XY') * const otp = lessOtp.gen("user@example.com", { template: 'N{2}-M{2}-U{2}' }); * console.log(otp); // Output: { otp: '12-ab-XY', hash: '...', expiresAt: <timestamp> } */ template?: string; /** Time-to-live in seconds for the generated OTP. Defaults to Infinity (unlimited) (not recommended) */ ttl?: number; }; declare class LessOtp { private secretSalt; private algorithm; private ivLength; private enableSet; private hashSet; constructor(config?: LessOtpConfig); /** * Generates an OTP using a template (regex) or custom function. * @param {string} id - Unique identifier (e.g., phone, email, username, etc.). * @param {GenerateOptions} options - Options for OTP generation. * @returns {Object} - OTP and hash. */ gen(id: string, options?: GenerateOptions): { otp: string; hash: string; }; /** * Verifies the OTP by comparing it with the decrypted OTP hash. * @param {string} id - Unique identifier. * @param {string} submitted - Submitted OTP to verify. * @param {string} hash - Encrypted OTP hash. * @returns {boolean} - Whether the OTP is valid. */ verify(id: string, hash: string, submitted: string): boolean; /** * Encrypts the OTP using the identifier as a key. * @param {string} payload - String to encrypt (e.g. stringified object with OTP and expiration). * @param {string} id - Unique identifier used as encryption key. * @returns {string} - Encrypted OTP hash. */ private encryptOtp; /** * Decrypts the OTP hash using the identifier. * @param {string} hash - Encrypted OTP hash. * @param {string} id - Unique identifier used for decryption. * @returns {string} - Decrypted object with OTP and expiration. */ private decryptOtp; /** * Derives a key from the identifier using SHA-256. * @param {string} id - Identifier to derive key from. * @returns {Buffer} - Derived key. */ private deriveKey; } export { LessOtp };