49 lines
1.6 KiB
TypeScript
49 lines
1.6 KiB
TypeScript
|
import { Authenticator, TOTP } from "@otplib/core";
|
||
|
import type { AuthenticatorOptions } from "@otplib/core/authenticator";
|
||
|
import type { TOTPOptions } from "@otplib/core/totp";
|
||
|
import { createDigest, createRandomBytes } from "@otplib/plugin-crypto";
|
||
|
import { keyDecoder, keyEncoder } from "@otplib/plugin-thirty-two";
|
||
|
|
||
|
/**
|
||
|
* Checks the validity of a TOTP token using a base32-encoded secret.
|
||
|
*
|
||
|
* @param token - The token.
|
||
|
* @param secret - The base32-encoded shared secret.
|
||
|
* @param opts - The AuthenticatorOptions object.
|
||
|
* @param opts.window - The amount of past and future tokens considered valid. Either a single value or array of `[past, future]`. Default: `[1, 0]`
|
||
|
*/
|
||
|
export const totpAuthenticatorCheck = (
|
||
|
token: string,
|
||
|
secret: string,
|
||
|
opts: Partial<AuthenticatorOptions> = {}
|
||
|
) => {
|
||
|
const { window = [1, 0], ...rest } = opts;
|
||
|
const authenticator = new Authenticator({
|
||
|
createDigest,
|
||
|
createRandomBytes,
|
||
|
keyDecoder,
|
||
|
keyEncoder,
|
||
|
window,
|
||
|
...rest,
|
||
|
});
|
||
|
return authenticator.check(token, secret);
|
||
|
};
|
||
|
|
||
|
/**
|
||
|
* Checks the validity of a TOTP token using a raw secret.
|
||
|
*
|
||
|
* @param token - The token.
|
||
|
* @param secret - The raw hex-encoded shared secret.
|
||
|
* @param opts - The TOTPOptions object.
|
||
|
* @param opts.window - The amount of past and future tokens considered valid. Either a single value or array of `[past, future]`. Default: `[1, 0]`
|
||
|
*/
|
||
|
export const totpRawCheck = (token: string, secret: string, opts: Partial<TOTPOptions> = {}) => {
|
||
|
const { window = [1, 0], ...rest } = opts;
|
||
|
const authenticator = new TOTP({
|
||
|
createDigest,
|
||
|
window,
|
||
|
...rest,
|
||
|
});
|
||
|
return authenticator.check(token, secret);
|
||
|
};
|