cal.pub0.org/packages/lib/totp.ts

49 lines
1.6 KiB
TypeScript
Raw Permalink Normal View History

import { Authenticator, TOTP } from "@otplib/core";
import type { AuthenticatorOptions } from "@otplib/core/authenticator";
import type { TOTPOptions } from "@otplib/core/totp";
import { createDigest, createRandomBytes } from "@otplib/plugin-crypto";
import { keyDecoder, keyEncoder } from "@otplib/plugin-thirty-two";
/**
* Checks the validity of a TOTP token using a base32-encoded secret.
*
* @param token - The token.
* @param secret - The base32-encoded shared secret.
* @param opts - The AuthenticatorOptions object.
* @param opts.window - The amount of past and future tokens considered valid. Either a single value or array of `[past, future]`. Default: `[1, 0]`
*/
export const totpAuthenticatorCheck = (
token: string,
secret: string,
opts: Partial<AuthenticatorOptions> = {}
) => {
const { window = [1, 0], ...rest } = opts;
const authenticator = new Authenticator({
createDigest,
createRandomBytes,
keyDecoder,
keyEncoder,
window,
...rest,
});
return authenticator.check(token, secret);
};
/**
* Checks the validity of a TOTP token using a raw secret.
*
* @param token - The token.
* @param secret - The raw hex-encoded shared secret.
* @param opts - The TOTPOptions object.
* @param opts.window - The amount of past and future tokens considered valid. Either a single value or array of `[past, future]`. Default: `[1, 0]`
*/
export const totpRawCheck = (token: string, secret: string, opts: Partial<TOTPOptions> = {}) => {
const { window = [1, 0], ...rest } = opts;
const authenticator = new TOTP({
createDigest,
window,
...rest,
});
return authenticator.check(token, secret);
};