npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2024 – Pkg Stats / Ryan Hefner

koishi-plugin-otp

v0.1.1

Published

one time password

Downloads

158

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

lipratylipraty

Keywords

chatbotkoishipluginotpone time passwordauthenticatortotphotp

Readme

koishi-plugin-otp

[!WARNING]
这是一个早期版本,可能会有较大的 API 变动。

npm GitHub issues Rating

为 Koishi 提供了一次性密码服务。

OTP 服务支持以下算法:

  • TOTP: 基于时间的一次性密码算法 (RFC 6238)
  • HOTP: 基于计数器的一次性密码算法 (RFC 4226)

更多算法欢迎提交 PR。

使用

安装

插件市场搜索 otp 并安装。

命令

  • otp [name]: 列出用户保存的某个或所有密码。
  • otp.qrcode <image>: 通过二维码添加(需要 qrcode 服务)。
  • otp.add <name> <token>: 添加或覆盖认证账号。
  • otp.rm <name>: 移除令牌。

配置项

[!NOTE]
最大步长在 TOTP 算法中表示每隔多少秒更新一次密码,HOTP 算法中表示每隔多少次更新一次密码。

  • qrcode (boolean): 是否在添加令牌时显示二维码,默认值:true
  • tokenizer (randomuuidtimestamp): 公共令牌生成方式,默认值:uuid
  • maxStep (number): 最大步长,默认值:30
  • maxThreshold (number): 最大重试阈值,默认值:5

开发

安装开发依赖

npm i koishi-plugin-otp -D
# or yarn
yarn add koishi-plugin-otp -D

API

类: OTPService

可通过 ctx.otp 访问。

otp.generate(method: OTPMethod, options: OTPOptions): Promise<string>

  • method: 认证算法,支持 totphotp
  • options: 认证配置项,支持以下属性:
    • secret: 共享密钥。
    • algorithm: 哈希算法,支持 sha1sha256sha512
    • digits: 密码长度。
    • period: 密码更新周期。
    • step: 最大步长。

生成密码。

otp.createToken(tokenizer?: Tokenizer, salt?: string): string

  • tokenizer: 密钥生成器,支持 randomuuidtimestamp
  • salt: 密钥生成器的盐。

创建共享密钥。

在 WebUI 中使用

[!WARNING]
浏览器 Crypto API 有一定的安全性限制,请确保浏览器支持与符合安全上下文

插件支持在 WebUI 中使用,并且得益于浏览器的 Crypto API,不需要额外导入 HMAC 算法:

import { useOTP } from 'koishi-plugin-otp/dist'

const otp = useOTP('totp', {
  secret: 'your secret',
  algorithm: 'sha1',
  digits: 6,
  period: 30,
  step: 1
});

贡献者

Star History Chart

License

This project is licensed under the MIT license.