summaryrefslogtreecommitdiff
path: root/app/lib/otp.js
diff options
context:
space:
mode:
Diffstat (limited to 'app/lib/otp.js')
-rw-r--r--app/lib/otp.js29
1 files changed, 29 insertions, 0 deletions
diff --git a/app/lib/otp.js b/app/lib/otp.js
new file mode 100644
index 0000000..751edf4
--- /dev/null
+++ b/app/lib/otp.js
@@ -0,0 +1,29 @@
+"use strict";
+
+const { createHmac } = require("crypto");
+const getHMAC = (k,c) => { const h = createHmac("sha1", k);
+ h.update(c, "hex"); return h.digest("hex"); }
+
+const h2d = s => parseInt(s, 16);
+const d2h = s => Math.floor(s).toString(16).padStart(2,0);
+
+const b32a = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
+const b32u = s => Uint8Array.from(s.split("").reduce((a,c) =>
+ a+b32a.indexOf(c.toUpperCase()).toString(2).padStart(5,0), "")
+ .match(/.{8}/g).map(b => parseInt(b,2)));
+
+module.exports = function totp(secret, { expiry=30,
+ now=Math.round(new Date().getTime()/1000), length=6 }={}) {
+ const time = d2h(now/expiry).padStart(16,0);
+ const hmac = getHMAC(b32u(secret), time);
+ const offset = h2d(hmac.substring(hmac.length - 1));
+ const otp = (h2d(hmac.substr(2*offset, 8)) & h2d("7fffffff")) + "";
+ return otp.padStart(length,0).substr(-length);
+}
+
+module.exports.check = function check(token, secret, { expiry=30,
+ now=Math.round(new Date().getTime()/1000), length=6, window=0 }={}) {
+ const i = Array(window*2+1).fill().map((e,i) => now+(expiry*(i-window)))
+ .findIndex(n => token === this(secret, {now:n, expiry, length}));
+ return i>=0 && i-window;
+}