Otp-agent NPM | npm.io

OTP-Agent

📚 Table of Contents

📖 Overview

otp-agent is a JavaScript package designed for generating one-time passwords (OTPs). It supports various types of OTPs, including custom OTPs, Time-based One-Time Passwords (TOTP), HMAC-based One-Time Passwords (HOTP), and recovery codes. This package is useful for implementing secure authentication mechanisms in your applications.

💡 Use Cases

🔒 Authentication Systems: Enhance security by using OTPs for two-factor authentication (2FA) or multi-factor authentication (MFA).
🔐 Transaction Verification: Securely verify transactions by requiring an OTP.
🔏 Access Control: Implement OTPs for temporary access to sensitive information or systems.
✨ Custom OTP Requirements: Generate OTPs with specific character sets for specialized use cases.
⏳ TOTP: Generate time-based OTPs that change after a specified period, ideal for time-sensitive authentication.
🔐 HOTP: Generate counter-based OTPs that change with each authentication attempt, suitable for systems requiring persistent OTPs until used.
🔐 Recovery Codes: Provide backup authentication methods when the primary OTP (OTP, TOTP, HOTP) method is unavailable.

🛠️ Installation

To install the otp-agent module, ensure you have Node.js installed. You can then install the module via the npm registry. Use the following command to add otp-agent to your project:

npm install otp-agent

For more information on installing npm packages, refer to the npm documentation.

🧪 Running Tests

To run tests for the otp-agent module, use the following command:

npm run test

🔑 OTP (One-Time Password)

An OTP is a password that is valid for only one login session or transaction. This module allows you to generate OTPs using numbers, alphabets, and special characters. The default length is 6 characters, but it can be customized up to 100 characters.

📄 Example & Usage (with import statement)

import { generateOTP } from "otp-agent";

let otp = generateOTP();
console.log(otp); // 526775

otp = generateOTP({ length: 4, numbers: true, alphabets: true });
console.log(otp); // i5v3

otp = generateOTP({
  length: 8,
  numbers: true,
  alphabets: true,
  upperCaseAlphabets: true,
  specialChars: true,
});
console.log(otp); // NZ9O#akS

Arguments

length (optional): The length of the OTP. Default is 6.
numbers (optional): Include numbers in the OTP. Default is true.
alphabets (optional): Include alphabets in the OTP. Default is false.
upperCaseAlphabets (optional): Include uppercase alphabets in the OTP. Default is false.
specialChars (optional): Include special characters in the OTP. Default is false.

📄 Example & Usage (with require statement)

const { generateOTP } = require("otp-agent");

// Default OTP length is 6 and max is 100
const otp = generateOTP();
console.log(otp); // 543921

✨ Custom OTP

A Custom OTP is generated using a specified set of characters. This allows for more control over the characters included in the OTP, making it suitable for specific use cases where certain characters are required.

import { generateCustomOTP } from "otp-agent";

const customOTP = generateCustomOTP({ characters: "Abc@#$123", length: 5 });
console.log(`Generated OTP: ${customOTP}`); // 1@c3#

Arguments

characters: A string containing the set of characters to use for the OTP.
length (optional): The length of the OTP. Default is 6.

⏳ TOTP (Time-based One-Time Password)

TOTP is an extension of OTP that uses the current time as a source of uniqueness. It generates a time-based OTP that changes after a certain period, typically 30 seconds. This is commonly used in two-factor authentication systems.

import { generateTOTP } from "otp-agent";

// Define your secret key
const totp = generateTOTP({ secret: "JBSWY3DPEHPK3PXP" });
console.log(totp); // 123456

Arguments

secret: A shared secret key used to generate the TOTP.
timeStep (optional): The time step in seconds. Default is 30.
digits (optional): The number of digits in the OTP. Default is 6.
algorithm (optional): The hashing algorithm to use (e.g., 'SHA-1', 'SHA-256', 'SHA-384', 'SHA-512'). Default is 'SHA-1'.
encoding (optional): The encoding of the secret key (e.g., 'ascii', 'hex', 'base32', 'base64'). Default is 'base32'.

🔐 HOTP (HMAC-based One-Time Password)

HOTP is an OTP algorithm based on HMAC (Hash-based Message Authentication Code). It generates a counter-based OTP that changes with each authentication attempt. This is useful for systems where the OTP needs to remain valid until it is used.

import { generateHOTP } from "otp-agent";

// Define your secret key and counter
const hotp = generateHOTP({ secret: "JBSWY3DPEHPK3PXP", counter: 1 });
console.log(hotp); // 654321

Arguments

secret: A shared secret key used to generate the HOTP.
counter: A counter value that increments with each OTP generation.
digits (optional): The number of digits in the OTP. Default is 6.
algorithm (optional): The hashing algorithm to use (e.g., 'SHA-1', 'SHA-256', 'SHA-384', 'SHA-512'). Default is 'SHA-1'.
encoding (optional): The encoding of the secret key (e.g., 'ascii', 'hex', 'base32', 'base64'). Default is 'base32'.

🔐 Recovery Code

Recovery codes are used as a backup method for authentication when the primary OTP method is unavailable. These codes are typically generated in advance and stored securely by the user.

import { generateRecoveryCodes } from "otp-agent";

const recoveryCodes = generateRecoveryCodes({
  numberOfCodes: 4,
  codeLength: 8,
});
console.log(recoveryCodes); // ['44ba0b8c', '3a550413', 'f7cb9a40', '046ee4a0']

Arguments

numberOfCodes: The number of recovery codes to generate.
codeLength: The length of each recovery code.
encoding (optional): The encoding of the recovery codes (e.g., 'hex', 'base32', 'base64'). Default is 'hex'.