AJ ONeal
31e53bb6ad
|
||
|---|---|---|
| .gitignore | ||
| .travis.yml | ||
| LICENSE | ||
| README.md | ||
| bower.json | ||
| index.js | ||
| package.json | ||
| sha1-hmac.js | ||
| test.html | ||
| test.js | ||
README.md
You might be in the wrong place
You probably want Authenticator.
Browser One Time Password library (JavaScript)
(aka botp / totp.js / hotp.js)
(forked from Node One Time Password)
Simple to use, fast, and with zero dependencies*. The Browser One Time Password library is fully compliant with HOTP (counter based one time passwords) and TOTP (time based one time passwords).
* requires forge for window.sha1Hmac shim in older browsers and es6-promise for ancient browsers.
It can be used in conjunction with the Authy, Google Authenticator, and Microsoft Authenticator, and GAuth which have free apps for iOS, Android, BlackBerry, OS X, Linux, Windows, and Chrome.
Browser One Time Password library, supports HOTP, TOTP and works with Google Authenticator • forked from https://github.com/guyht/notp
Installation
bower install botp
Usage
(function () {
'use strict';
var botp = window.botp;
// this might be used on account creation to create the QR code and verify the token in the browser.
var key = 'secret key for user... could be stored in DB'; // Uint8Array
var token = 'user supplied one time use token'; // 890123
// Check TOTP is correct (HOTP if hotp pass type)
botp.totp.verify(token, key).then(function (login) {
// invalid token if login is null
if (!login) {
console.log('Token invalid');
return;
}
// valid token
console.log('Token valid, sync value is %s', login.delta);
});
}());
API
See https://github.com/guyht/notp#api
- botp.totp.gen(keyByteArray) => (promise) tokenArray
- botp.totp.verify(tokenByteArray, keyByteArray) => (promise) delta or null
- botp.hotp.gen(keyByteArray) => (promise) tokenArray
- botp.hotp.verify(tokenByteArray, keyByteArray) => (promise) delta or null