2016-11-25 10:46:48 -07:00
Daplie is Taking Back the Internet!
--------------
[](https://daplie.com/preorder/)
Stop serving the empire and join the rebel alliance!
* [Invest in Daplie on Wefunder ](https://daplie.com/invest/ )
* [Pre-order Cloud ](https://daplie.com/preorder/ ), The World's First Home Server for Everyone
2015-10-22 21:22:21 -07:00
# You might be in the wrong place
2012-06-04 05:29:43 -07:00
2015-10-22 21:22:21 -07:00
You probably want [Authenticator ](https://github.com/Daplie/browser-authenticator ).
2011-10-02 18:08:30 -07:00
2015-10-22 21:22:21 -07:00
# Browser One Time Password library (JavaScript)
2011-10-02 18:08:30 -07:00
2015-10-22 21:22:21 -07:00
(aka botp / totp.js / hotp.js)
2011-10-02 18:08:30 -07:00
2015-10-22 21:22:21 -07:00
(forked from [Node One Time Password ](https://github.com/guyht/notp ))
2011-10-02 18:08:30 -07:00
2015-10-22 21:22:21 -07:00
Simple to use, fast, and with zero dependencies\*. The Browser One Time Password library is fully compliant with [HOTP ](http://tools.ietf.org/html/rfc4226 ) (counter based one time passwords) and [TOTP ](http://tools.ietf.org/html/rfc6238 ) (time based one time passwords).
2011-10-02 18:08:30 -07:00
2015-10-22 21:22:21 -07:00
\* requires [forge ](https://github.com/digitalbazaar/forge ) for window.sha1Hmac shim in older browsers and [es6-promise ](https://github.com/jakearchibald/es6-promise ) for ancient browsers.
2012-06-03 15:57:43 -04:00
2015-10-22 21:22:21 -07:00
It can be used in conjunction with the [Authy ](https://www.authy.com/personal/ ), [Google Authenticator ](https://github.com/google/google-authenticator/ ), and [Microsoft Authenticator ](https://www.microsoft.com/en-us/store/apps/authenticator/9wzdncrfj3rj ), and [GAuth ](https://5apps.com/gbraad/gauth ) which have free apps for iOS, Android, BlackBerry, OS X, Linux, Windows, and Chrome.
2012-05-31 23:48:03 -04:00
2015-10-22 21:22:21 -07:00
Browser One Time Password library, supports HOTP, TOTP and works with Google Authenticator • forked from https://github.com/guyht/notp
2011-10-02 18:08:30 -07:00
2015-10-22 21:22:21 -07:00
# Installation
2012-05-31 23:48:03 -04:00
2015-10-22 21:22:21 -07:00
```
bower install botp
2012-05-31 23:48:03 -04:00
```
2011-10-02 18:08:30 -07:00
2015-10-22 21:22:21 -07:00
# Usage
2012-06-03 15:57:43 -04:00
```javascript
2015-10-22 21:22:21 -07:00
(function () {
'use strict';
2012-06-03 15:57:43 -04:00
2015-10-22 21:22:21 -07:00
var botp = window.botp;
2012-06-03 15:57:43 -04:00
2015-10-22 21:22:21 -07:00
// this might be used on account creation to create the QR code and verify the token in the browser.
2012-06-03 15:57:43 -04:00
2015-10-22 21:22:21 -07:00
var key = 'secret key for user... could be stored in DB'; // Uint8Array
var token = 'user supplied one time use token'; // 890123
2014-08-11 10:23:28 +00:00
2015-10-22 21:22:21 -07:00
// Check TOTP is correct (HOTP if hotp pass type)
botp.totp.verify(token, key).then(function (login) {
// invalid token if login is null
if (!login) {
console.log('Token invalid');
return;
}
// valid token
console.log('Token valid, sync value is %s', login.delta);
});
}());
2012-06-03 15:57:43 -04:00
```
2011-10-02 18:08:30 -07:00
# API
2012-06-03 18:15:56 -04:00
2015-10-22 21:22:21 -07:00
See < https: // github . com / guyht / notp #api >
2012-06-03 18:15:56 -04:00
2015-10-22 21:22:21 -07:00
* botp.totp.gen(keyByteArray) => (promise) tokenArray
* botp.totp.verify(tokenByteArray, keyByteArray) => (promise) delta or null
* botp.hotp.gen(keyByteArray) => (promise) tokenArray
* botp.hotp.verify(tokenByteArray, keyByteArray) => (promise) delta or null
