@kiryano/etherealotp
v0.1.9
A library for two-factor authentication using Twilio and Speakeasy.
EtherealOTP
EtherealOTP is a lightweight, easy-to-use library for integrating Two-Factor Authentication (2FA) into your Node.js applications using TOTP (Time-based One-Time Passwords) and the Twilio SMS service.
Features
- Easy generation and verification of TOTP tokens.
- Seamlessly send TOTP tokens via SMS using Twilio.
- Straightforward setup and minimal configuration.
Installation
- Install EtherealOTP using npm:
npm install @kiryano/etherealotp
Or using yarn:
yarn add @kiryano/etherealotp
Quick Start
- Here's a quick example to get you started:
const { TwoFactorAuth } = require('@kiryano/etherealotp');

// Twilio credentials; load these from your secret store rather than source code
const config = {
  accountSid: 'your_twilio_account_sid',
  authToken: 'your_twilio_auth_token',
  fromNumber: 'your_twilio_phone_number'
};
const tfa = new TwoFactorAuth(config);

// Generate a new TOTP secret for a user
// (logged here for demonstration only; keep the secret out of application logs)
const newUserSecret = tfa.generateSecret();
console.log('User Secret:', newUserSecret.base32);

// Generate a TOTP token
const newToken = tfa.generateToken(newUserSecret.base32);
console.log('Token:', newToken);

// Send OTP via SMS
tfa.sendSmsOTP('+18085976569', `Your verification code is: ${newToken}`)
  .then(message => console.log('SMS sent successfully!', message))
  .catch(err => console.error('Failed to send SMS:', err));
Generating a QR Code for TOTP Setup
The EtherealOTP library supports generating QR codes for user accounts identified by either an email address or a phone number. This QR code can be scanned with TOTP applications like Google Authenticator or Authy to easily set up two-factor authentication.
Here is how you can generate a QR code URL for the TOTP secret:
const { TwoFactorAuth } = require('@kiryano/etherealotp');

const tfa = new TwoFactorAuth({
  accountSid: 'your_twilio_account_sid',
  authToken: 'your_twilio_auth_token',
  fromNumber: 'your_twilio_phone_number'
});

// Generate a new TOTP secret for the user
const userSecret = tfa.generateSecret();
console.log('User Secret:', userSecret.base32);

// Specify your application's name and the user's identifier
const issuer = 'YourAppName';
const identifier = 'user@example.com'; // or '+12345678901' for phone
const identifierType = 'email'; // Change to 'phone' if using a phone number

// Generate QR Code URL for the TOTP secret
tfa.generateQRCodeURL(issuer, identifier, identifierType, userSecret.base32)
  .then(qrCodeURL => {
    console.log('QR Code URL:', qrCodeURL);
    // Here you can send the QR Code URL to the front end to be displayed as an image
  })
  .catch(error => {
    console.error('Error generating QR code:', error);
  });
Documentation
generateSecret()
Generates a new TOTP secret.
Returns: An object containing the secret in various formats.
generateToken(secret)
Generates a TOTP token from a user's secret.
Parameters:
- secret (String): The user's TOTP secret in base32 format.
Returns: A string representing the TOTP token.
verifyToken(token, secret)
Verifies a TOTP token against the user's secret.
Parameters:
- token (String): The TOTP token to verify.
- secret (String): The user's TOTP secret in base32 format.
Returns: true if the token is valid, otherwise false.
sendSmsOTP(phoneNumber, message)
Sends an SMS containing the TOTP token or any message using Twilio.
Parameters:
- phoneNumber (String): The recipient's phone number.
- message (String): The message to be sent.
Returns: A promise that resolves with the message details if successful.
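The TOTP scheme behind generateToken() and verifyToken(), written out with Node's built-in crypto as an added example; it is not EtherealOTP's or Speakeasy's code. The function names, the RFC 6238 defaults (HMAC-SHA1, 30-second step, 6 digits), the drift window and the lastCounter replay check are assumptions of this example, not documented behaviour of the library.

```javascript
// Added example, not EtherealOTP code. Assumes RFC 6238 defaults:
// HMAC-SHA1, 30-second step, 6 digits. All function names are hypothetical.
const crypto = require('crypto');
const B32 = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
// Decode an RFC 4648 base32 secret (the format of `secret.base32`) to bytes.
function base32Decode(str) {
  let bits = 0, value = 0;
  const out = [];
  for (const ch of str.replace(/=+$/, '').toUpperCase()) {
    const idx = B32.indexOf(ch);
    if (idx === -1) throw new Error('invalid base32 character');
    value = (value << 5) | idx;
    bits += 5;
    if (bits >= 8) {
      bits -= 8;
      out.push((value >>> bits) & 0xff);
      value &= (1 << bits) - 1; // keep only the leftover low bits
    }
  }
  return Buffer.from(out);
}

// HOTP (RFC 4226): HMAC the 8-byte counter, then dynamic truncation.
function hotp(key, counter, digits = 6) {
  const msg = Buffer.alloc(8);
  msg.writeBigUInt64BE(BigInt(counter));
  const mac = crypto.createHmac('sha1', key).update(msg).digest();
  const off = mac[mac.length - 1] & 0x0f;
  const code = (mac.readUInt32BE(off) & 0x7fffffff) % 10 ** digits;
  return String(code).padStart(digits, '0');
}

// TOTP: HOTP with counter = floor(unixSeconds / step).
const totp = (secretB32, unixSeconds, step = 30) =>
  hotp(base32Decode(secretB32), Math.floor(unixSeconds / step));

// Accept +/- `window` steps of clock drift, compare in constant time, and skip
// counters <= lastCounter so a code cannot be replayed. Returns counter or null.
function verifyTotp(token, secretB32, unixSeconds, { window = 1, lastCounter = -1, step = 30 } = {}) {
  const key = base32Decode(secretB32);
  const now = Math.floor(unixSeconds / step);
  const given = Buffer.from(String(token));
  let matched = null;
  for (let c = Math.max(0, now - window, lastCounter + 1); c <= now + window; c++) {
    const expected = Buffer.from(hotp(key, c));
    if (given.length === expected.length && crypto.timingSafeEqual(given, expected)) matched = c;
  }
  return matched;
}
```

Store the returned counter per user and pass it back as lastCounter on the next attempt, so an intercepted code is rejected once it has been used.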
Contributing
- Contributions are welcome! Please read the contributing guide for more information.
License
EtherealOTP is MIT licensed.