npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

jsotp

v1.0.4

Published

Javascript One-Time Password module.

Downloads

4,743

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

lanceginlancegin

Keywords

otptotphotprfc6238rfc4226

Readme

jsotp

jsotp is a node module to generate and verify one-time passwords that were used to implement 2FA and MFA authentication method in web applications and other login-required systems.

The module was implement based on RFC4226 (HOTP: An HMAC-Based One-Time Password Algorithm) and RFC6238 (TOTP: Time-Based One-Time Password Algorithm)

Example

Feature

  • Generate random base32 encoded string
  • Generate a otpauth url with the b32 encoded string
  • Create a HOTP object with verification
  • Verify a HOTP token
  • Create a TOTP object with verification
  • Verify a TOTP token

Installation

npm install jsotp

Module

All modules support:

const jsotp = require('jsotp');

Usage

Time-based OTPs

// import
const jsotp = require('jsotp');

// Create TOTP object
const totp = jsotp.TOTP('BASE32ENCODEDSECRET');
totp.now(); // => 432143

// Verify for current time
totp.verify(432143); // => true

// Verify after 30s
totp.verify(432143); // => false

Counter-based OTPs

// import
const jsotp = require('jsotp');

// Create HOTP object
const hotp = jsotp.HOTP('BASE32ENCODEDSECRET');
hotp.at(0); // => 432143
hotp.at(1); // => 231434
hotp.at(2132); // => 242432

// Verify with a counter
hotp.verify(242432, 2132); // => true
hotp.verify(242432, 2133); // => false

Generate random base32 encoded secret

// import
const jsotp = require('jsotp');

// Generate
const b32_secret = jsotp.Base32.random_gen();

Api

jsotp.Base32.random_gen(length)

param: length
type: int
default: 16
return: String
desc: the length of random base32 encoded string.

jsotp.TOTP(secret)

param: secret
type: string
return: TOTP
desc: generate TOTP instance.

jsotp.TOTP.now()

return: String
desc: get the one-time password with current time.

jsotp.TOTP.verify(totp)

param: totp
type: string
return: Boolean
desc: verify the totp code.

jsotp.TOTP.url_gen(issuer)

param: issuer
type: string
return: string
desc: generate url with TOTP instance

jsotp.HOTP(secret)

param: secret
type: string
return: HOTP
desc: generate HOTP instance.

jsotp.HOTP.at(counter)

param: counter
type: int
return: String
desc: generate one-time password with counter.

jsotp.HOTP.verify(hotp, count)

param: hotp
type: string
param: count
type: int
return: Boolean
desc: verify the hotp code.

jsotp.HOTP.url_gen(issuer)

param: issuer
type: string
return: string
desc: generate url with HOTP instance

Contribute

  • Clone repo and install dependencies
git clone [email protected]:LanceGin/jsotp.git
npm install
  • Contribute the code in src/, and run command below to build the es6 code to es2015. That will create a local directory named lib/.
npm run build
  • Unit test
npm test

中文文档