README
Documentation
¶
Index ¶
Constants ¶
This section is empty.
Variables ¶
var ( ErrInvalidCode = errors.New("invalid code") ErrInvalidSecret = errors.New("invalid secret") ErrInvalidChallenge = errors.New("invalid secret") )
ErrInvalidCode indicate the supplied one-time code was not valid
Functions ¶
func ComputeCode ¶
ComputeCode computes the response code for a 64-bit challenge 'value' using the secret 'secret'.
func NewScratchCode ¶
func NewScratchCode() int
NewScratchCode generates random scratch code (8 digits)
Types ¶
type OTPConfig ¶
type OTPConfig struct {
Secret string // 10 bytes base32 encoded string of the user's secret
WindowSize int // valid range: technically 0..100 or so, but beyond 3-5 is probably bad security
UsedCodes []int // timestamps in the current window unavailable for re-use
ScratchCodes []int // an array of 8-digit numeric codes that can be used to log in
}
OTPConfig is a one-time-password configuration. This object will be modified by calls to Authenticate and should be saved to ensure the codes are in fact only used once.
func (*OTPConfig) Authenticate ¶
Authenticate a one-time-password against the given OTPConfig Returns true/false if the authentication was successful. Returns error if the password is incorrectly formatted (not a zero-padded 6 or non-zero-padded 8 digit number).
func (*OTPConfig) GC ¶ added in v1.1.0
func (otp *OTPConfig) GC()
GC (Garbage collect) - remove old UsedCodes
func (*OTPConfig) ProvisionURI ¶
ProvisionURI generates a URI that can be turned into a QR code to configure a Authenticator app. It respects the recommendations on how to avoid conflicting accounts. See https://github.com/google/google-authenticator/wiki/Conflicting-Accounts
Source Files