notp
notp copied to clipboard
guyht
Node One Time Password library, supports HOTP, TOTP and works with Google Authenticator
Simplify hexToBytes calculation by splitting the string using the regex match for `/.{1,2}/g` and then parse every chunk
* NPM throws evil warnings when trying to install this, due to extremely old version of mocha (affects only dev/test) ``` 11 vulnerabilities (1 moderate, 6 high, 4 critical) ```...
It's rather a curious question. I have noted, mostly TOTP JS libraries are not being maintained for years. What's stopping devs to maintain these libraries.
https://github.com/guyht/notp/blob/bbdf82a34e5cb1534c411aaa63185bfab29feba0/index.js#L10-L19 `intToBytes(9999999999999)` will give `[0, 0, 0, 0, 78, 114, 159, 255]` which is `` But `9999999999999` decimal to hexadecimal must return `00 00 09 18 4E 72 9F FF`
I am using the `notp.totp.verify` method to verify a token for a base32 secret, but it fails for every token. The token is generated on the authenticator app, I tested...
import notp from 'notp' seem to be returning undefined, but const notp = requires('notp') seem to return {hotp, totp} properly. it's pretty weird but this does exist. Node: 12.16.3 notp:...
This PR will add a `digits` parameter to opt to be used which is equivalent to `P` in the older version.
See: https://runkit.com/embed/97u6bi5kd9bg ``` var notp = require("notp") console.log(notp.hotp.verify("AAAAAAAAAAAAAAAAAA", "812658", {counter: 1})); ``` Always returns `null`.
The variable `p` is defined as 6, but cannot be adjusted by `opt.digits` (and isn't actually used). This change is especially important for authenticators that allow 8 digits. ~~Also, this...
