2017-06-27 14:49:17 +08:00
# jsotp
2017-06-27 17:02:20 +08:00
`jsotp` is a node module to generate and verify one-time passwords that were used to implement 2FA and MFA authentication method in web applications and other login-required systems.
The module was implement based on [RFC4226 ](https://tools.ietf.org/html/rfc4226 ) (HOTP: An HMAC-Based One-Time Password Algorithm) and [RFC6238 ](https://tools.ietf.org/html/rfc6238 ) (TOTP: Time-Based One-Time Password Algorithm)
### Feature
* Generate random base32 encoded string
* Generate a `otpauth url` with the b32 encoded string
* Create a HOTP object with verification
* Verify a HOTP token
* Create a TOTP object with verification
* Verify a TOTP token
### Installation
2017-06-28 17:15:37 +08:00
```shell
npm install jsotp
```
2017-06-27 17:02:20 +08:00
### Module
2017-06-28 17:15:37 +08:00
All modules support:
2017-06-27 17:02:20 +08:00
2017-06-28 17:15:37 +08:00
```javascript
let jsotp = require('jsotp');
```
2017-06-27 17:02:20 +08:00
Only `Base32` module support:
2017-06-28 17:15:37 +08:00
```javascript
let jsotp = require('jsotp/base32');
```
2017-06-27 17:02:20 +08:00
Only `HOTP` module support:
2017-06-28 17:15:37 +08:00
```javascript
let jsotp = require('jsotp/hotp');
```
2017-06-27 17:02:20 +08:00
Only `TOTP` module support:
2017-06-28 17:15:37 +08:00
```javascript
let jsotp = require('jsotp/totp');
```
2017-06-27 17:02:20 +08:00
### Usage
#### Time-based OTPs
```javascript
2017-06-27 17:13:28 +08:00
// import
2017-06-27 17:02:20 +08:00
let jsotp = require('jsotp');
2017-06-27 17:13:28 +08:00
// Create TOTP object
2017-06-29 15:32:08 +08:00
let totp = jsotp.TOTP('BASE32ENCODEDSECRET');
2017-06-27 17:13:28 +08:00
totp.now(); // => 432143
2017-06-27 17:02:20 +08:00
2017-06-27 17:13:28 +08:00
// Verify for current time
totp.verify(432143); // => true
2017-06-27 17:02:20 +08:00
2017-06-27 17:13:28 +08:00
// Verify after 30s
totp.verify(432143); // => false
2017-06-27 17:02:20 +08:00
```
#### Counter-based OTPs
```javascript
2017-06-27 17:13:28 +08:00
// import
2017-06-27 17:02:20 +08:00
let jsotp = require('jsotp');
2017-06-27 17:13:28 +08:00
// Create HOTP object
2017-06-29 15:32:08 +08:00
let hotp = jsotp.HOTP('BASE32ENCODEDSECRET');
2017-06-27 17:13:28 +08:00
hotp.at(0); // => 432143
hotp.at(1); // => 231434
hotp.at(2132); // => 242432
2017-06-27 17:02:20 +08:00
2017-06-27 17:13:28 +08:00
// Verify with a counter
hotp.verify(242432, 2132); // => true
hotp.verify(242432, 2133); // => false
2017-06-27 17:02:20 +08:00
```
#### Generate random base32 encoded secret
```javascript
2017-06-27 17:13:28 +08:00
// import
2017-06-27 17:02:20 +08:00
let jsotp = require('jsotp');
2017-06-27 17:13:28 +08:00
// Generate
2017-06-27 17:02:20 +08:00
let b32_secret = jsotp.Base32.random_gen();
```
### Api
#### • jsotp.Base32.random_gen()
#### • jsotp.Util.url_gen
#### • jsotp.TOTP.now()
#### • jsotp.TOTP.verify()
#### • jsotp.HOTP.at()
#### • jsotp.HOTP.verify()
2017-06-28 17:15:37 +08:00
### Develop
2017-06-30 07:51:35 +08:00
* Clone repo and install dependencies
2017-06-28 17:15:37 +08:00
```shell
git clone git@github.com:LanceGin/jsotp.git
npm install
```
* Contribute the code in `src/` , and run command below to build the es6 code to es2015. That will create a local directory named `lib/` .
```shell
npm run build
```
2017-06-29 15:32:08 +08:00
* Unit test
```shell
npm test
```
2017-06-27 17:02:20 +08:00
### [中文文档](docs/README_zh.md)
