Documentation ¶
Overview ¶
A simple, correct TOTP implementation.
Time-based One-time Passwords are a useful way to authenticate a client, since a valid password expires long before it could ever be guessed by an attacker. This library provides an implementation of TOTP that matches its specification (RFC6238), along with a simple interface.
Usage ¶
The Totp function is likely what you need. It uses the default time step of 30 seconds and gives 8 digits of output:
// Negotiated between you and the authenticating service. password := []byte("secret") // The number of seconds since the Unix Epoch. seconds := uint64(time.Now().Unix()) // Specify the desired Hash algorithm from the Standard Library. // For TOTP, sha1 and sha256 are also valid. totp := Totp(sha512.New, password, seconds)
Resources ¶
See RFC6239 (https://tools.ietf.org/html/rfc6238) and its Errata (https://www.rfc-editor.org/errata_search.php?rfc=6238) for more information.
Index ¶
Examples ¶
Constants ¶
const DEFAULT_DIGITS uint32 = 8
DEFAULT_DIGITS represents 8 digits of final output.
const DEFAULT_STEP uint64 = 30
DEFAULT_STEP represents a 30 second time step.
Variables ¶
This section is empty.
Functions ¶
func Totp ¶
Totp produces a Time-based One-time Password with default settings.
Example ¶
password := []byte("secret") seconds := uint64(time.Now().Unix()) totp := Totp(sha512.New, password, seconds) fmt.Println(totp)
Output:
func TotpCustom ¶
func TotpCustom(h func() hash.Hash, step uint64, digits uint32, password []byte, time uint64) string
TotpCustom produces a Time-based One-time Password with full control over algorithm parameters.
Example ¶
This example uses a step size of 15 seconds (i.e. the password would expire faster) and a digit count of 6. Consider DEFAULT_STEP and DEFAULT_DIGITS if you only need to alter one of the arguments.
password := []byte("secret") seconds := uint64(time.Now().Unix()) totp := TotpCustom(sha512.New, 15, 6, password, seconds) fmt.Println(totp)
Output:
Types ¶
This section is empty.