@getanthill/sec
v0.7.0
Published
Anthill project security package
Downloads
475
Readme
getanthill
Security Layer
Getting Started
First, you need install the package:
npm install -S @getanthill/sec
Then, your client can follow the steps to register or signin a user to your app, then activate MFA validation.
// 1. Signin part:
const tokens = auth.getTokens(email, password);
// 2. MFA Setup part: (only on registration)
// Master key generation #keep-it-secret-keep-it-safe
const masterKey = otp.generateMasterKey();
// Secret key generation from Master key
const secretKey = otp.generateSecretFromMaster(masterKey);
// Validate MFA:
const isValid = otp.verify('123456', secretKey);
// Create the store:
const store = new Store(tokens.encryption, secretKey);
// Manage your data as always:
store.data = { hello: 'world' }; // Always encrypted data
Roadmap
- [x] Implements the Data Privacy Security Layer by default described here: https://hacks.mozilla.org/2018/11/firefox-sync-privacy/
- [x] Implements TOTP
- [ ] Implements the QRCode generation part