Skip to main content

Last version Build Status Dependencies status Dev dependencies status NPM downloads

OTPAuth

One Time Password (HOTP/TOTP) library for Node.js, Deno and browsers.

Usage

Node.js

import * as OTPAuth from 'otpauth';

// Create a new TOTP object.
let totp = new OTPAuth.TOTP({
    issuer: 'ACME',
    label: 'AzureDiamond',
    algorithm: 'SHA1',
    digits: 6,
    period: 30,
    secret: 'NB2W45DFOIZA' // or "OTPAuth.Secret.fromB32('NB2W45DFOIZA')"
});

// Generate a token.
let token = totp.generate();

// Validate a token.
let delta = totp.validate({
    token: token,
    window: 1
});

// Convert to Google Authenticator key URI.
//   otpauth://totp/ACME:AzureDiamond?issuer=ACME&secret=NB2W45DFOIZA&algorithm=SHA1&digits=6&period=30
let uri = totp.toString(); // or "OTPAuth.URI.stringify(totp)"

// Convert from Google Authenticator key URI.
let parsedTotp = OTPAuth.URI.parse(uri);

Deno

// @deno-types="https://deno.land/x/otpauth@master/types/index.d.ts"
import * as OTPAuth from 'https://deno.land/x/otpauth@master/dist/otpauth.esm.js'

// Same as above...

Browsers

<script src="otpauth.umd.js"></script>
<script>
    // Same as above...
</script>

Documentation

See the documentation page.

https://hectorm.github.io/otpauth/

Supported hashing algorithms

In Node.js, the same algorithms as Crypto.createHmac function are supported, since it is used internally. In Deno and browsers, the SHA1, SHA256 and SHA512 algorithms are supported by using the Stanford Javascript Crypto Library.

License

MIT License © Héctor Molinero Fernández.