View Source TwoFactorInACan.Hotp (TwoFactorInACan v0.2.0)

Provides functions for working with the HMAC-based One Time Password algorithm as defined in RFC 4226.

For details on RFC 4226, see https://tools.ietf.org/rfc/rfc4226.txt.

Summary

Functions

Generates a token from a shared secret and a counter which can be synchronized.

Verifies that the provided HOTP token was generated using the provided secret and count.

Functions

Link to this function

generate_token(secret, count, opts \\ [])

View Source

Generates a token from a shared secret and a counter which can be synchronized.

This token can be used by one party to verify whether another party has the same secret.

Options:

  • :secret_format - the format that the secret is passed in as. Options include:
    • :binary (default)
    • :base32
    • :base64
  • :token_length (Default: 6) - the length of the generated token. A longer token is harder to guess and thus more secure. A longer token can also be more difficult for users to accurately transmit. Although everything in TwoFactorInACan supports variable token length, you should be sure that other apps and programs used support the token length set here.

Examples

iex> secret = TwoFactorInACan.Secrets.generate_totp_secret()
iex> TwoFactorInACan.Hotp.generate_token(secret, 0)
"866564"

iex> TwoFactorInACan.Hotp.generate_token(secret, 1)
"532769"

iex> TwoFactorInACan.Hotp.generate_token(secret, 0, token_length: 10)
"1807866564"
Link to this function

same_secret?(secret, token, count, opts \\ [])

View Source

Verifies that the provided HOTP token was generated using the provided secret and count.

This function uses the secret and count to generate a token. It then compares that generated token to the passed in token. If they match, then this function returns true. If they do not match, then this function returns false.

This function allows a number of options:

  • :secret_format - the format that the secret is passed in as. Options include:
    • :binary (default)
    • :base32
    • :base64
  • :token_length (Default: 6) - the length of the generated token. A longer token is harder to guess and thus more secure. A longer token can also be more difficult for users to accurately transmit. Although everything in TwoFactorInACan supports variable token length, you should be sure that other apps and programs used support the token length set here.