totp-rs
This library permits the creation of 2FA authentification tokens per TOTP, the verification of said tokens, with configurable time skew, validity time of each token, algorithm and number of digits! Default features are kept as lightweight as possible to ensure small binaries and short compilation time.
It now supports parsing otpauth URLs into a totp object, with sane default values.
Be aware that some authenticator apps will accept the SHA256
and SHA512
algorithms but silently fallback to SHA1
which will make the check()
function fail due to mismatched algorithms.
Features
qr
With optional feature "qr", you can use it to generate a base64 png qrcode. This will enable feature otpauth
.
otpauth
With optional feature "otpauth", support parsing the TOTP parameters from an otpauth
URL, and generating an otpauth
URL. It adds 2 fields to TOTP
.
serde_support
With optional feature "serde_support", library-defined types TOTP
and Algorithm
and will be Deserialize-able and Serialize-able.
gen_secret
With optional feature "gen_secret", a secret will be generated for you to store in database.
Examples
Summary
- Understanding Secret
- Generate a token
- Enable qrcode generation
- Enable serde support
- Enable otpauth url support
- Enable gen_secret support
- With RFC-6238 compliant default
Understanding Secret
This new type was added as a disambiguation between Raw and already base32 encoded secrets.
Raw
Is equivalent to
Encoded
Generate a token
Add it to your Cargo.toml
:
[]
= "^3.0"
You can then do something like:
use SystemTime;
use ;
Which is equivalent to:
use SystemTime;
use ;
With qrcode generation
Add it to your Cargo.toml
:
[]
= "^3.0"
= ["qr"]
You can then do something like:
use ;
With serde support
Add it to your Cargo.toml
:
[]
= "^3.0"
= ["serde_support"]
With otpauth url support
Add it to your Cargo.toml
:
[]
= "^3.0"
= ["otpauth"]
You can then do something like:
use TOTP;
With gen_secret
Add it to your Cargo.toml
:
[]
= "^3.0"
= ["gen_secret"]
You can then do something like:
use ;
Which is equivalent to
use ;
With RFC-6238 compliant default
You can do something like this
use ;
With gen_secret
feature, you can go even further and have all values by default and a secure secret.
Note: With otpauth
feature, TOTP.issuer
will be None
, and TOTP.account_name
will be ""
. Be sure to set those fields before generating an URL/QRCode