{"id":19575787,"url":"https://github.com/oktapodia/passport-backup-codes","last_synced_at":"2025-10-16T03:15:12.533Z","repository":{"id":36102107,"uuid":"221476548","full_name":"oktapodia/passport-backup-codes","owner":"oktapodia","description":"Single use code authentication strategy for Passport.","archived":false,"fork":false,"pushed_at":"2024-07-11T05:00:39.000Z","size":116,"stargazers_count":0,"open_issues_count":1,"forks_count":0,"subscribers_count":2,"default_branch":"master","last_synced_at":"2025-02-09T10:47:05.960Z","etag":null,"topics":["backup-codes","passportjs","singleuse-code"],"latest_commit_sha":null,"homepage":null,"language":"JavaScript","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/oktapodia.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2019-11-13T14:21:14.000Z","updated_at":"2022-02-13T16:22:50.000Z","dependencies_parsed_at":"2023-01-16T13:29:12.636Z","dependency_job_id":null,"html_url":"https://github.com/oktapodia/passport-backup-codes","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/oktapodia%2Fpassport-backup-codes","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/oktapodia%2Fpassport-backup-codes/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/oktapodia%2Fpassport-backup-codes/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/oktapodia%2Fpassport-backup-codes/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/oktapodia","download_url":"https://codeload.github.com/oktapodia/passport-backup-codes/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":240842567,"owners_count":19866613,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["backup-codes","passportjs","singleuse-code"],"created_at":"2024-11-11T06:49:26.600Z","updated_at":"2025-10-16T03:15:07.495Z","avatar_url":"https://github.com/oktapodia.png","language":"JavaScript","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Passport-backup-codes [![Build Status](https://travis-ci.com/oktapodia/passport-backup-codes.svg?branch=master)](https://travis-ci.com/oktapodia/passport-backup-codes)\n\n[Passport](http://passportjs.org/) strategy for backup codes authentication using\na single use value.\n\nThis module is heavily inspired from [passport-totp](https://github.com/jaredhanson/passport-totp)\n\nThis module lets you authenticate using a single use code in your Node.js\napplications. By plugging into Passport, Single use code authentication can be\neasily and unobtrusively integrated into any application or framework that\nsupports [Connect](http://www.senchalabs.org/connect/)-style middleware,\nincluding [Express](http://expressjs.com/).\n\n## Install\n\n    $ npm install passport-backup-codes\n\n## Usage\n\n#### Configure Strategy\n\nThe backup codes authentication strategy authenticates a user using a single use code provided by the software \napplication (known as a token). The strategy requires a `setup` callback.\n\nThe `setup` callback accepts a previously authenticated `user` and calls \nthe `tearDown` callback which will calls `done` providing a `key` and `period` used \nto verify the HOTP value. Authentication fails if the value is not verified.\n\n```javascript\npassport.use(new BackupCodesStrategy(\n  function(user, done) {\n    BackupCodes.findOne({ userId: user.id }, function (err, codes) {\n      if (err) { return done(err); }\n      return done(null, codes);\n    });\n  },\n  function(user, code, done) {\n    BackupCodes.findOne({ userId: user.id }, function (err, codes) {\n      if (err) { return done(err); }\n\n      codes = codes.filter((value) =\u003e {\n        return code !== value;\n      });\n\n      BackupCodes.update(codes, function(err) {\n        if (err) { return done(err); }\n\n        return done();\n      });\n\n    });\n  }\n));\n```\n\n#### Authenticate Requests\n\nUse `passport.authenticate()`, specifying the `'backup-codes'` strategy, to authenticate\nrequests.\n\nFor example, as route middleware in an [Express](http://expressjs.com/)\napplication:\n\n```javascript\napp.post('/verify-otp', \n  passport.authenticate('backup-codes', { failureRedirect: '/verify-otp' }),\n  function(req, res) {\n    req.session.authFactors = [ 'superadmin' ];\n    res.redirect('/');\n  });\n```\n\n## Tests\n\n    $ npm install\n    $ npm run test\n\n## Credits\n\n  - [Sebastien BRAMILLE](http://github.com/oktapodia)\n\n## License\n\n[The MIT License](http://opensource.org/licenses/MIT)\n\nCopyright (c) 2019 Sebastien BRAMILLE\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Foktapodia%2Fpassport-backup-codes","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Foktapodia%2Fpassport-backup-codes","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Foktapodia%2Fpassport-backup-codes/lists"}