Lightweight rfc-compliant TOTP authentication library for nodejs based on crypto
Warning This package is unstable and still in active development. You are more than welcome to contribute and make use of it but please note that there may be breaking changes
Conforms to the IETF RFC 6238 specification including all interoperability test vectors.
yarn add @stevent-team/totpimport { generateTotp, validateTotp, type TotpOptions } from '@stevent-team/totp'
// Configure
const config: TotpOptions = {
secret: process.env['MY_SECRET_KEY'], // REQUIRED
timestamp: Date.now(),
period: 30, // seconds
periodOffset: 0,
algorithm: 'sha512',
outputDigits: 6,
}
// Generate a one time password (on a client)
const pass = generateTotp(config)
console.log(pass) // 568231
// Validate the one time password (on a server)
const isValid = validateTotp(pass, config)
console.log(isValid) // trueIssue and PR contributions are greatly welcomed and appreciated!
totp is licensed under MIT
Created with love by the Stevent Team 💙