Skip to content

An OTP generator that implements RFC4226 (HOTP) and RFC6238 (TOTP)

License

Notifications You must be signed in to change notification settings

codejockie/otp-gen

Repository files navigation

OTP Gen

Build Status codecov npm

A One Time Password generator with a customisable implementation of the HMAC based One Time Password (HOTP) and Time based One Time Password (TOTP).

Installation

npm install @codejockie/otp-gen

Code Sample:

  import { hotp, totp } from "@codejockie/otp-gen"

  // HOTP
  const hotpToken = hotp({ key: "shared_secret", counter: 20 })

  // TOTP
  const totpToken = totp({ key: "shared_secret" })

API

HOTP

HMAC based One Time Password (HOTP) function takes an object as an argument as follows:

Key Type Default Value Description
key string - Unique shared secret key for encrypting C (counter) values for HMAC algorithm
counter number - 8-byte incrementing counter value
algorithm HashAlgo "sha1" HMAC Algorithm to use
digits number 6 Return digits of HOTP value, according to RFC4226, length >= 6

TOTP

Time based One Time Password (TOTP) function takes an object as an argument as follows:

Key Type Default Value Description
key string - Shared secret used for encryption
epochTime number Current Unix time Unix Epoch time, defaults to current Unix time
t0 number 0 Unix time used to start counting time steps
timeStepX number 30 Time step in seconds, default 30s
algorithm HashAlgo "sha1" HMAC Algorithm to use
digits number 6 Return digits of TOTP value, according to RFC6238, length >= 6

HashAlgo is an enum consisting of these values: "sha1" | "sha256" | "sha512"

Examples:

Using a different hashing algorithm

import { hotp } from "@codejockie/otp-gen"

hotp({
  key: "shared_secret",
  counter: 12345,
  algorithm: "sha256",
})

Using a different return digits

import { totp } from "@codejockie/otp-gen"

hotp({
  key: "shared_secret",
  counter: 12345,
  digits: 10,
})

Using a different unix time

import { totp } from "@codejockie/otp-gen"

totp({
  key: "shared_secret",
  epochTime: 123456
})

Using a different T0 and Time Step X

import { totp } from "@codejockie/otp-gen"

totp({
  key: "shared_secret",
  t0: 10,
  timeStepX: 60,
})

TypeScript

This library has first hand support for TS.

TypeScript Usage

  import { HashAlgo, hotp, totp } from "@codejockie/otp-gen"

  // HOTP
  const hotpToken = hotp({ key: "shared_secret", counter: 20, algorithm: HashAlgo.SHA512 })

  // TOTP
  const totpToken = totp({ key: "shared_secret", algorithm: HashAlgo.SHA512 }) 

Contributing

Pull Requests are welcomed!

Issues

Please file an issue if you encounter any.

Buy Me A Coffee

About

An OTP generator that implements RFC4226 (HOTP) and RFC6238 (TOTP)

Topics

Resources

License

Stars

Watchers

Forks

Packages