simswap-authenticator
v0.0.1
Published
sim-swap-authenticator is a lightweight NPM package designed to detect SIM swap attacks and automatically enable an authentication mechanism as a preventive measure. It provides a simple API for integration into your application, ensuring enhanced securit
Downloads
3
Maintainers
Readme
simswap-authenticator
simswap-authenticator
is a flexible and secure Node.js package that provides essential utilities for registration, login, and device verification processes, with an emphasis on detecting SIM swap fraud. The package allows developers to integrate robust security features such as TOTP (Time-Based One-Time Password) and device fingerprinting into their applications with ease.
Features
- User Registration & Login: Secure registration and login processes with password hashing, SIM swap detection, and TOTP-based authentication.
- Device Verification: Generate device fingerprints to ensure that users are logging in from recognized devices.
- SIM Swap Detection: Check for potential SIM swap activity during both registration and login processes.
- TOTP (QR Code) Generation: Generate TOTP secrets and QR codes for two-factor authentication (2FA).
- Highly Configurable: Flexibility to integrate custom database calls and tailor the registration and login flows to your application needs.
Installation
To install the package, use npm or yarn:
npm install simswap-authenticator
or
yarn add simswap-authenticator
USAGE
Registration To use the registration module in your application, you can do the following:
import { registerUser } from 'simswap/register';
async function register(data, saveUser, findUserById, simSwapOptions, appName) {
const { user, qrCodeDataUrl, secret } = await registerUser(data, saveUser, findUserById, simSwapOptions, appName);
// Handle the user data and QR code
}
Login To implement the login process with SIM swap detection:
import { loginUser } from 'simswap/login';
async function login(data, findUserByPhone, updateUser, sendVerificationCode, simSwapOptions, appName) {
const response = await loginUser(data, findUserByPhone, updateUser, sendVerificationCode, simSwapOptions, appName);
// Handle the response, such as redirecting the user
}
Example Usage
import { registerUser, loginUser } from 'simswap';
import { prisma } from './prismaClient'; // Example database client
const simSwapOptions = { /* SIM swap detection options */ };
const appName = 'YourAppName';
// Registration
await registerUser(
registrationData,
(user) => prisma.user.create({ data: user }),
(id) => prisma.user.findUnique({ where: { id } }),
simSwapOptions,
appName
);
// Login
await loginUser(
loginData,
(phoneNumber) => prisma.user.findUnique({ where: { phoneNumber } }),
(phoneNumber, data) => prisma.user.update({ where: { phoneNumber }, data }),
sendVerificationCode,
simSwapOptions,
appName
);
API
registerUser
(data, saveUser, findUserById, simSwapOptions, appName)
data: The registration data containing email, phone number, passwords, and device information.
saveUser: A function to save the user to the database.
findUserById: A function to find the user by ID in the database.
simSwapOptions: Options for configuring SIM swap detection.
appName: The name of your application for TOTP generation.
loginUser
(data, findUserByPhone, updateUser, sendVerificationCode, simSwapOptions, appName)
data: The login data containing phone number, password, and device information.
findUserByPhone: A function to find the user by phone number in the database.
updateUser: A function to update user data in the database.
sendVerificationCode: A function to send the verification code to the user's email or phone.
simSwapOptions: Options for configuring SIM swap detection.
appName: The name of your application for TOTP generation.
Contributing
We welcome contributions! Please submit issues and pull requests to help improve the package.
License MIT License. See LICENSE for details.