Simplify OTP Generation with one-time-pass 🔑

  • Thread starter: Haikel Fazzani

One-Time Passwords (OTPs) are a crucial component of modern authentication systems, providing an extra layer of security through Two-Factor Authentication (2FA).

What is one-time-pass?


one-time-pass is a lightweight yet powerful library that generates both TOTP (Time-Based One-Time Password) and HOTP (HMAC-Based One-Time Password) codes. It adheres to the established standards of RFC 6238 and RFC 4226, ensuring that the generated codes are compatible with popular authenticator apps like Google Authenticator.

What makes this library stand out is its commitment to simplicity. With zero dependencies, it keeps your project's footprint small and avoids potential dependency conflicts, making it a great choice for a wide range of applications.

Getting Started: Installation and Usage


To begin using the library in your project, you can install it via npm:

npm i one-time-pass

The library is designed with a modern syntax, making it easy to import and use with ES modules.

Generating a TOTP Code


TOTP codes are the most common type of OTP, relying on the current time and a shared secret key. Here's how you can generate one:


Code:
import { generateTOTP } from "one-time-pass";

const secretKey = "your-super-secret-key"; // This key should be unique for each user
const totp = generateTOTP(secretKey, {
  timeStep: 30, // The time step in seconds (default is 30)
  digits: 6, // The number of digits in the OTP (default is 6)
  hash: "sha1", // The hashing algorithm (e.g., "sha1", "sha256", "sha512")
});

console.log(totp); // Outputs a 6-digit TOTP code

Generating an HOTP Code


HOTP codes are counter-based, meaning they change each time the counter is incremented. This is useful for systems where a reliable time source is not available.


Code:
import { generateHOTP } from "one-time-pass";

const secretKey = "your-super-secret-key";
const counter = 1234; // The counter value

const hotp = generateHOTP(secretKey, counter, {
  digits: 6,
  hash: "sha1",
});

console.log(hotp); // Outputs a 6-digit HOTP code
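
The two sections above call the library; as an added example (not one-time-pass's own code), here is what RFC 4226 and RFC 6238 specify, written against Node's built-in crypto module, and going one step beyond generation to the server-side check. The names hotp, totp and verifyTotp and the window and now options are assumptions of this example; the secret is treated as raw bytes, as in the RFC test vectors.

```javascript
// Added example; function names and options are this example's own,
// not the one-time-pass API. Runs under Node.js (CommonJS).
const crypto = require("node:crypto");

// HOTP (RFC 4226): HMAC over the 8-byte big-endian counter, then dynamic truncation.
function hotp(secret, counter, { digits = 6, hash = "sha1" } = {}) {
  const msg = Buffer.alloc(8);
  msg.writeBigUInt64BE(BigInt(counter));
  const mac = crypto.createHmac(hash, secret).update(msg).digest();
  const offset = mac[mac.length - 1] & 0x0f;         // low nibble of the last byte
  const bin = mac.readUInt32BE(offset) & 0x7fffffff; // 31-bit value at that offset
  return String(bin % 10 ** digits).padStart(digits, "0");
}

// TOTP (RFC 6238): HOTP whose counter is the number of time steps since the epoch.
function totp(secret, { timeStep = 30, now = Date.now() / 1000, ...opts } = {}) {
  return hotp(secret, Math.floor(now / timeStep), opts);
}

// Server-side check: tolerate clock drift of +/- `window` steps and compare
// in constant time. Returns the matched step, or null if no step matches.
function verifyTotp(secret, code,
  { window = 1, timeStep = 30, now = Date.now() / 1000, ...opts } = {}) {
  const step = Math.floor(now / timeStep);
  const given = Buffer.from(String(code));
  let matched = null;
  for (let d = -window; d <= window; d++) {
    if (step + d < 0) continue; // no time steps before the epoch
    const expected = Buffer.from(hotp(secret, step + d, opts));
    if (expected.length === given.length &&
        crypto.timingSafeEqual(expected, given)) matched = step + d;
  }
  return matched;
}
```

verifyTotp returns the matched time step so the caller can store the last accepted step per user and reject any code at or below it, which stops a code from being replayed inside its validity window.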

Browser Usage


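If you're building a client-side application, you can use a CDN to include the library directly via a script tag. The URL below carries no version, so jsDelivr serves the latest published release; pin an exact version and add a Subresource Integrity hash for anything beyond a quick test.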


Code:
<script src="https://cdn.jsdelivr.net/npm/one-time-pass"></script>
<script>
  // The functions are available globally under the `oneTimePass` object
  // (the call below uses `otp`; confirm which global name the build you load exposes)
  const totp = otp.generateTOTP("your-secret-key");
  console.log(totp);
</script>

Conclusion


Whether you're developing for the back end with Node.js or a front-end application, one-time-pass provides a simple, dependable, and efficient way to implement OTP generation. Its zero-dependency approach and adherence to open standards make it an excellent choice for any project that needs robust two-factor authentication without the overhead.

To learn more and contribute, check out the one-time-pass GitHub repository.
