npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

@rexfng/tfa

v2.20.0

Published

TFA helper

Downloads

2

Readme

Tfa

Description

TFA is a wrapper that provides helpers to generate and validate 2 factor code according to google authenticator format. It generates google uri and qr code images. Package such as @rexfng/auth, uses this module for 2fa protection or password reset.

ES6

It was built with Class so it is extensible.

Define Environment Variables

Define the follow environment variable. They are all required. | Variable Name | Description | |---------------|-------------| | APP_NAME | Defining project name, which is one of the argument in generating the token. | | APP_URL | Defining project url, which will be use to redirect ie "http://example.com". | | AUTH_SECRET | secret for encrpytion the token. | | EMAIL_PASS | Sendgrid api key. | | TWILIO_API_KEY | Twilio api key |

Initialize TFA (new Tfa())

Neither issuer nor account name may themselves contain a colon.

const Tfa = require('@rexfng/tfa').init;
let TfaOptions = {
	label: String, // username 
	//values below are optional
	issuer: String, // issuer of tfa token (if null, it looks up value from APP_NAME environment variable)
	algorithm: String, // example "SHA1", "SHA256" and "SHA512" (default to "SHA256") [Also Supports](https://nodejs.org/api/crypto.html#crypto_crypto_createhmac_algorithm_key). Do not use SHA1 as it is [outdated and already broken into](https://shattered.io/)
	digits: Integer, // 6 or 8 (default to 6)
	period: Integer, // seconds to invalidate the code (default to 30)
	secret: String // secret between user and server (note that user will be able to see this value when the code is produced) example: "NB2W45DFOIZB"
}
let tfa = new Tfa(TfaOptions);

Tfa().generate()

let code = tfa.generate({
	qrSize: "150" // value in pixel (default to "150", this option is optional)
})

let token = code.token // 123412
let uri = code.uri // Google Authenticator key URI
let qr = code.qr // url of qrcode image

Tfa().validate()

let validation = tfa.validate({
	token: Integer // 123412
})

console.log(validation) // return true or false in Boolean

Tfa Express Routers

| Base Endpoint | Method Example | HTTP Action | |---------------|-------------|-------------| | /api/getcode | app.use('/', Tfa.routes.api.getcode) | POST | | /api/verifycode | app.use('/', Tfa.routes.email.verifycode) | POST | | /sms/getcode | app.use('/', Tfa.routes.sms.getcode) | POST | | /sms/verifycode | app.use('/', Tfa.routes.sms.verifycode) | POST | | /email/getcode | app.use('/', Tfa.routes.email.getcode) | POST | | /verification | app.use('/', Tfa.routes.email.verifycode) | GET |

/api/getcode

{
	issuer: String // default to process.env.APP_NAME,
	label: String, // unique token identifier in alphabetical characters, no numbers allowed
	period: Inteer, // period to expire the verification, default to 30,
	digits: Integer //default to 6	
}

/api/verifycode

{
	issuer: String // default to process.env.APP_NAME,
	label: String, // unique token identifier in alphabetical characters, no numbers allowed
	period: Inteer, period to expire the verification, default to 30,
	digits: Integer //digits of the verification code, choose between 4-10 default to 6	
	code: String // verification code identified by "label"
}

/sms/getcode

{
	"phone_number": String, //"6047229494"
	"country_code": String, //"1"
	"code_length": Integer //4-10 default to 6
}

/sms/verifycode

{
	"phone_number": String, //"6047229494"
	"country_code": String, //"1"
	"verification_code": String //"2421"
}

/email/getcode

{
    from: "John<[email protected]>", // sender address
    to: "Paul<[email protected]>", // list of receivers
    subject: "Welcome Message", // Subject line
	tpl: "Welcome to our service. Please verify with the following code {{code}}", // plain text or html
	tpl: "<h1>Welcome to our service. Please verify with the following url: {{&url}}</h1>", the template use for rendering the email body. {{&url}} or {{code}} will be replaced by verification_code or verification_url
	label: "somerandomstring", //unique verifycode identifier, strings only
	period: Integer, // 900
	redirect_success: "https://your-app.com/redirect_success", || null, if empty, {{code}} will be used, if provided, {{&url}} will be used.
	redirect_fail: "https://your-app.com/fail" || null if empty, {{code}} will be used, if provided, {{&url}} will be used.
}

/email/verifycode GET

This endpoint generates a link at /verification?t={bearer_token}