npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

expo-otp-retriever

v0.1.0

Published

Expo module for retrieving OTP codes on Android using Google's SMS Retriever API

Downloads

8

Readme

expo-otp-retriever

An Expo module for retrieving OTP codes on Android using Google's SMS Retriever API.

Features

  • No SMS permissions required
  • Uses Google's SMS Retriever API
  • Automatic OTP detection
  • App hash generation for SMS format
  • Simple JavaScript API
  • TypeScript support

Installation

npm install expo-otp-retriever
# or
yarn add expo-otp-retriever

Requirements

  • Expo SDK 46 or higher
  • Android device with Google Play Services

Usage

1. Import the module

import OtpRetriever, { OtpRetrieverEvents } from 'expo-otp-retriever';

2. Get the app hash for SMS format

You need to include the app hash in the SMS message for the API to detect it. Send this hash to your backend so it can be included in the SMS.

async function getAppHash() {
  try {
    const hash = await OtpRetriever.getAppHash();
    console.log('App Hash:', hash);
    // Send this hash to your backend
    return hash;
  } catch (error) {
    console.error('Failed to get app hash:', error);
  }
}

3. Start listening for OTP messages

async function startListeningForOtp() {
  try {
    // Start listening with a timeout of 60 seconds
    await OtpRetriever.startListener(60);
    console.log('Started listening for OTP');
  } catch (error) {
    console.error('Failed to start OTP listener:', error);
  }
}

4. Set up event listeners

import { useEffect } from 'react';
import OtpRetriever, { OtpRetrieverEvents } from 'expo-otp-retriever';

function OtpScreen() {
  useEffect(() => {
    // Set up listeners
    const otpReceivedSubscription = OtpRetriever.addListener(
      OtpRetrieverEvents.OTP_RECEIVED,
      (event) => {
        console.log('OTP received:', event.otp);
        // Use the OTP code in your app
      }
    );

    const otpTimeoutSubscription = OtpRetriever.addListener(
      OtpRetrieverEvents.OTP_TIMEOUT,
      (event) => {
        console.log('OTP timeout:', event.message);
        // Handle timeout, e.g., show manual input
      }
    );

    const otpErrorSubscription = OtpRetriever.addListener(
      OtpRetrieverEvents.OTP_ERROR,
      (event) => {
        console.log('OTP error:', event.code, event.message);
        // Handle error
      }
    );

    // Start listening
    OtpRetriever.startListener(60).catch(console.error);

    // Clean up
    return () => {
      otpReceivedSubscription.remove();
      otpTimeoutSubscription.remove();
      otpErrorSubscription.remove();
      OtpRetriever.stopListener().catch(console.error);
    };
  }, []);

  return (
    // Your component rendering
  );
}

5. SMS Format

For the SMS Retriever API to detect the message, it must follow this format:

<#> Your verification code is: 123456
FA+9qCX9VSu

Where:

  • The message must begin with <#>
  • Include the OTP code (4-6 digits)
  • End with the app hash you generated

API Reference

Methods

startListener(timeoutSeconds?: number): Promise<void>

Starts listening for OTP SMS messages.

  • timeoutSeconds: Optional timeout in seconds, defaults to 60 seconds.

stopListener(): Promise<void>

Stops listening for OTP SMS messages and cleans up resources.

getAppHash(): Promise<string>

Generates an app signature hash needed for SMS OTP format.

addListener(eventName: OtpRetrieverEvents, listener: (event: any) => void): Subscription

Adds a listener for OTP events.

Events

OtpRetrieverEvents.OTP_RECEIVED

Fired when an OTP code is successfully received and extracted.

Event data:

{
  otp: "123456" // The extracted OTP code
}

OtpRetrieverEvents.OTP_TIMEOUT

Fired when the OTP listener times out.

Event data:

{
  message: "SMS retrieval timed out"
}

OtpRetrieverEvents.OTP_ERROR

Fired when an error occurs during OTP retrieval.

Event data:

{
  code: "ERROR_CODE",
  message: "Error message",
  details: {} // Optional additional details
}

Error Codes

  • LISTENER_ERROR: Error in the SMS listener
  • HASH_GENERATION_ERROR: Error generating the app hash
  • UNSUPPORTED_PLATFORM: The platform is not supported (iOS or web)
  • PLAY_SERVICES_UNAVAILABLE: Google Play Services is not available on the device

Troubleshooting

OTP not being detected

  1. Ensure the SMS format is correct:

    • Starts with <#>
    • Contains a 4-6 digit OTP code
    • Ends with the correct app hash
  2. Verify Google Play Services is available and up to date on the device.

  3. If testing in development, make sure you're using the app hash from the debug build. The hash is different for production builds.

App hash issues

For production apps, you need to get your hash from the Google Play Console after uploading your app. The locally generated hash only works for debug builds.

License

MIT