https://github.com/oktapodia/passport-backup-codes
Single use code authentication strategy for Passport.
- Host: GitHub
- URL: https://github.com/oktapodia/passport-backup-codes
- Owner: oktapodia
- License: mit
- Created: 2019-11-13T14:21:14.000Z (over 6 years ago)
- Default Branch: master
- Last Pushed: 2024-07-11T05:00:39.000Z (almost 2 years ago)
- Last Synced: 2025-02-09T10:47:05.960Z (over 1 year ago)
- Topics: backup-codes, passportjs, singleuse-code
- Language: JavaScript
- Size: 113 KB
- Stars: 0
- Watchers: 2
- Forks: 0
- Open Issues: 1
Metadata Files:
- Readme: README.md
- License: LICENSE
README
# Passport-backup-codes
[Passport](http://passportjs.org/) strategy for backup codes authentication using
a single use value.
This module is heavily inspired by [passport-totp](https://github.com/jaredhanson/passport-totp).
This module lets you authenticate using a single-use code in your Node.js
applications. By plugging into Passport, single-use code authentication can be
easily and unobtrusively integrated into any application or framework that
supports [Connect](http://www.senchalabs.org/connect/)-style middleware,
including [Express](http://expressjs.com/).
## Install
```bash
$ npm install passport-backup-codes
```
## Usage
#### Configure Strategy
The backup codes authentication strategy authenticates a user using a single-use code provided by the software
application (known as a token). The strategy requires a `setup` callback.
The `setup` callback accepts a previously authenticated `user` and calls
the `tearDown` callback, which will call `done` providing a `key` and `period` used
to verify the HOTP value. Authentication fails if the value is not verified.
```javascript
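// `BackupCodes` stands for the application's own storage model
// (assumed; this README does not define it).
passport.use(new BackupCodesStrategy(
  // First callback: load the backup codes stored for the authenticated user.
  function(user, done) {
    BackupCodes.findOne({ userId: user.id }, function (err, codes) {
      if (err) { return done(err); }
      return done(null, codes);
    });
  },
  // Second callback: drop the code that was just used and persist the rest.
  function(user, code, done) {
    BackupCodes.findOne({ userId: user.id }, function (err, codes) {
      if (err) { return done(err); }
      codes = codes.filter((value) => {
        return code !== value;
      });
      BackupCodes.update(codes, function(err) {
        if (err) { return done(err); }
        return done();
      });
    });
  }
));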
```
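The second callback above reads the code list and writes it back in two separate steps. The following added example (not code from passport-backup-codes; `CodeStore` and its methods are hypothetical in-memory stand-ins for the `BackupCodes` model, and the codes are constructed samples) shows what two interleaved requests do to that pattern, next to a single-step `consume()` that removes the code and reports whether it was still present.

```javascript
// Added example: CodeStore is a hypothetical stand-in for the BackupCodes model.
class CodeStore {
  constructor() { this.rows = new Map(); }
  read(userId) { return [...(this.rows.get(userId) || [])]; }  // like findOne
  write(userId, codes) { this.rows.set(userId, [...codes]); }  // like update
  // Single step: remove the code and report whether it was still there.
  consume(userId, code) {
    const codes = this.rows.get(userId) || [];
    const i = codes.indexOf(code);
    if (i === -1) return false;
    codes.splice(i, 1);
    return true;
  }
}

// Two requests doing read -> check -> filter -> write, interleaved so that
// both reads happen before either write (possible with async storage calls).
function readThenWrite(store, userId, codeA, codeB) {
  const snapA = store.read(userId);
  const snapB = store.read(userId);
  const okA = snapA.includes(codeA);
  const okB = snapB.includes(codeB);
  if (okA) store.write(userId, snapA.filter((v) => v !== codeA));
  if (okB) store.write(userId, snapB.filter((v) => v !== codeB));
  return { accepted: Number(okA) + Number(okB), remaining: store.read(userId) };
}

// The same two requests against the single-step consume().
function atomicConsume(store, userId, codeA, codeB) {
  const okA = store.consume(userId, codeA);
  const okB = store.consume(userId, codeB);
  return { accepted: Number(okA) + Number(okB), remaining: store.read(userId) };
}

function fresh() {
  const s = new CodeStore();
  s.write('u1', ['1111-aaaa', '2222-bbbb', '3333-cccc']); // constructed codes
  return s;
}

function demo() {
  return {
    replayNaive: readThenWrite(fresh(), 'u1', '1111-aaaa', '1111-aaaa'),
    replayAtomic: atomicConsume(fresh(), 'u1', '1111-aaaa', '1111-aaaa'),
    lostUpdateNaive: readThenWrite(fresh(), 'u1', '1111-aaaa', '2222-bbbb'),
    lostUpdateAtomic: atomicConsume(fresh(), 'u1', '1111-aaaa', '2222-bbbb'),
  };
}
console.log(JSON.stringify(demo(), null, 2));
```

With a real database the single step is a conditional update or delete whose affected-row count is checked, so a request whose code was already removed can be rejected.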
#### Authenticate Requests
Use `passport.authenticate()`, specifying the `'backup-codes'` strategy, to authenticate
requests.
For example, as route middleware in an [Express](http://expressjs.com/)
application:
```javascript
app.post('/verify-otp',
  passport.authenticate('backup-codes', { failureRedirect: '/verify-otp' }),
  function(req, res) {
    req.session.authFactors = [ 'superadmin' ];
    res.redirect('/');
  });
```
## Tests
```bash
$ npm install
$ npm run test
```
## Credits
- [Sebastien BRAMILLE](http://github.com/oktapodia)
## License
[The MIT License](http://opensource.org/licenses/MIT)
Copyright (c) 2019 Sebastien BRAMILLE