npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

otp-process

v1.0.4

Published

This package is created for generating otp login system on the server without using database and to verify the otp also it's just a layer of abstraction on the piece of code.

Downloads

9

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

keepcodingkeepcoding

Keywords

otp-systemotpVerificationloginHowtoverifyotpontheserverbackendBackendotpotp-process

Readme

Otp-process

This piece of code will used to generate "OTP" on the server and as well as verify the otp on the server side without storing otp in database

Example with project

// importing module
const Otp = require("otp-process");

class UserController {
    // for sending signup otp
    async sendOtp(req , res){
        
        // destructuring the body
        const {email , mobile} = req.body;

        // validation
        if(!email && !mobile){
            return res.json({msg:"Email or Mobile required" , flag : false});
        };

        // creating otp
        const otp = Otp.createOtp(4 , {data : email?email:mobile} , 1 , process.env.OTP_SECRET);

        // cheking where to send otp

        // if user requested with email
        if(email){
            // validating otp
            if(otp.error){
                return res.json({msg:otp.error , flag : false});
            };

            // sent otp to email but here i am consoling the otp
            console.log(otp.otp);
            
            return res.json({hash : otp.hash , data : otp.data , flag:true});

        }
        // if user requested with mobile
        else if(mobile){
            // validating otp
            if(otp.error){
                return res.json({msg:otp.error , flag : false});
            };

            // sent otp to mobile but here i am consoling the otp
            console.log(otp.otp);
            
            return res.json({hash : otp.hash , data : otp.data , flag:true});
        }
    };

    // verify otp and create user account
    async verifyOtp(req , res){
        // destructuring data
        const {hash , data , otp} = req.body;

        // validating
        if(!hash || !data || !otp){
            return res.json({msg:"All fields are required" , flag : false});
        };

        // verifying otp
        const isVerify = Otp.verify(hash , data , otp , process.env.OTP_SECRET);

        if(isVerify.error){
            return res.json({msg:isVerify.error , flag:false});
        }

        // now user verified you can also verify one more time by the code given below
        
        if(isVerify.flag){
            // now fully confirmed that user is verified
            // Now you can do your signup process here
        }

    }
}

module.exports = new UserController();

In given example you can easily understand, how this module works. In verifyOtp controller, you will get Otp, Hash and Data from the request.body. User will receive email or message via sendOtp api, In sendOtp hash and data will travel via response object but Otp will travel via message or email and then Hash, Data and Otp will travel via request.body.

How to use

import otp-process

const otp = require("otp-process");

Basic, How to create OTP

const Otp = otp.createOtp();

if (!Otp.error) {
  const { error, ...data } = Otp;
  console.log(data);
}

Basic, How to VerifyOtp

// To verify it we need to {hash , data , otp}
// verifying otp
const isVerify = otp.verify(Otp.hash, Otp.data, Otp.otp);
console.log(isVerify);

/*
Output will be
{ error: false, data: {}, flag: 'Otp verified' }
*/

In upper code we created unsecure otp system and verified it.

Let's learn about createOtp here

In createOtp we have four arguments there -

Otp Length

Otp length decides your otp length it have length restrictions here

  1. Minimum length should not be less than 4.
  2. Max length should be less than 13.
  3. Only Integer will be accepted here.

Data

Data is a javascript Object this will be used to make your Otp system more secure and this have no restrictions here.

Expiry

This argument is useful in verifying process. it will decide that, "Is this otp expired or not". And only one restriction is there that only Integer will be accepted here.

Secret

By default it set tobe None but it is not good, this argument is highly sensitive and you should keep it in .env files, Anybody can easily bypass this otp system with this secret that's why you have to make your ''Secret'' more strong.

Let's create a secure otp using createOtp

// creating data
const data = {
  email: "[email protected]",
  name: "Abcd",
};

// creating expiry time for 1 minute
const expiry = 1;

// setting length 6 char
const length = 6;

// creating otp
const Otp = otp.createOtp(length, data, expiry, process.env.OTP_SECRET);

// logging otp
console.log(Otp);
/*
  Output
  {
    error: false,
    otp: 876186,
    flag: true,
    data: { email: '[email protected]', name: 'Abcd' },
    hash: '9b365348306e109c2f00f5128864114570a8ec39fe0e9837f30e1cee9d35c842.1656484856707'
  }
*/

// Now verifying otp
if (!Otp.error) {
  const { hash, data, otp: userOtp } = Otp;
  const isVerify = otp.verify(hash, data, userOtp, process.env.OTP_SECRET);
}