HMAC-based one-time passwords

Use generateHOTP() and verifyHOTP() to generate and verify HOTPs.

import { generateHOTP, verifyHOTP } from "@oslojs/otp";

const digits = 6;
let counter = 10n;

const otp = generateHOTP(key, counter, digits);
const validOTP = verifyHOTP(key, counter, digits, otp);

Use createHOTPKeyURI() to create a key URI, which are then usually encoded into a QR code.

import { createHOTPKeyURI } from "@oslojs/otp";

const issuer = "My app";
const accountName = "[email protected]";
const digits = 6;
const uri = createHOTPKeyURI(issuer, accountName, key, counter, digits);