1.1.0 • Published 3 months ago

@esthe/totp v1.1.0

Weekly downloads
-
License
-
Repository
-
Last release
3 months ago

@esthe/totp

A TOTP (Time-based one-time password) / HOTP (HMAC-based one-time password) implementation in TypeScript.

ESM-only, no dependencies, browser-first. (but also works in Node.js)

pnpm install @esthe/totp

Usage

import { generateSeed, generateTOTP, verifyTOTPLaxed } from "@esthe/totp"

// server, generate a seed/secret
const seed = generateSeed()

// client, generate the one-time password for the current time, using the seed
const totp = await generateTOTP(seed)

// server, verify the one-time password. Allows about 1 minute of drift.
const correct = await verifyTOTPLaxed(seed, totp)

if (!correct) res.status(401).send("Invalid one-time password.") // or whatever
@everything-registry/sub-chunk-298
1.1.0

3 months ago

1.0.0

1 year ago