OTP Authentication Assistant

OTP Authentication Assistant - auth

Import

This module is not automatically imported and needs to be explicitly required.

auth = require("xxtouch.auth")

Generate Time-Based One-Time Password (auth.totp_next)

Declaration

otp = auth.totp_next(UNIX_timestamp, QR_code_URL[, secret_key])

Parameters and Return Values

UNIX_timestamp
- integer, can be obtained using the os.time or sys.net_time functions.
QR_code_URL
- string, a URL starting with otpauth://totp/.
secret_key
- string, optional, if not specified, it will be parsed from the QR_code_URL.
otp string

Description

The time-based one-time password algorithm defined in RFC 6238 is used to generate time-based one-time passwords. It is commonly used in two-factor authentication scenarios such as Google Authenticator.

tip

Use the screen.qr_decode or image:qr_decode functions to recognize QR codes on the screen or in images to obtain the QR_code_URL.

Example

auth.totp_next
--
-- Using local time
local otp_code = auth.totp_next(os.time(), "otpauth://totp/L%C3%A9on?algorithm=SHA256&digits=8&period=45&secret=AAAQEAYEAUDAOCAJBIFQYDIOB4")
--
-- Using network time
local net_otp_code = auth.totp_next(sys.net_time(), "otpauth://totp/L%C3%A9on?algorithm=SHA256&digits=8&period=45&secret=AAAQEAYEAUDAOCAJBIFQYDIOB4")
nLog(net_otp_code)

Generate HMAC-Based One-Time Password (auth.hotp_next/auth.hotp_counter)

Declaration

otp = auth.hotp_next(QR_code_URL[, secret_key])
otp = auth.hotp_counter(counter, QR_code_URL[, secret_key])

Parameters and Return Values

counter integer
QR_code_URL
- string, a URL starting with otpauth://hotp/.
secret_key
- string, optional, if not specified, it will be parsed from the QR_code_URL.
otp string

Description

The HMAC-based one-time password algorithm defined in RFC 4226 is less commonly used than auth.totp_next.

info

auth.hotp_next internally maintains a counter initialized to 0. Each call increments the counter by 1 and then calls the auth.hotp_counter function.