Expand description
This library permits the creation of 2FA authentification tokens per TOTP, the verification of said tokens, with configurable time skew, validity time of each token, algorithm and number of digits! Default features are kept as low-dependency as possible to ensure small binaries and short compilation time
Be aware that some authenticator apps will accept the SHA256
and SHA512
algorithms but silently fallback to SHA1
which will
make the check()
function fail due to mismatched algorithms.
Use the SHA1
algorithm to avoid this problem.
Examples
use std::time::SystemTime;
use totp_rs::{Algorithm, TOTP, Secret};
let totp = TOTP::new(
Algorithm::SHA1,
6,
1,
30,
Secret::Raw("TestSecretSuperSecret".as_bytes().to_vec()).to_bytes().unwrap(),
Some("Github".to_string()),
"constantoine@github.com".to_string(),
).unwrap();
let token = totp.generate_current().unwrap();
println!("{}", token);
use totp_rs::{Algorithm, TOTP};
let totp = TOTP::new(
Algorithm::SHA1,
6,
1,
30,
"supersecret_topsecret".as_bytes().to_vec(),
Some("Github".to_string()),
"constantoine@github.com".to_string(),
).unwrap();
let url = totp.get_url();
println!("{}", url);
let code = totp.get_qr_base64().unwrap();
println!("{}", code);
Re-exports
pub use qrcodegen_image;
Structs
- TOTP holds informations as to how to generate an auth code and validate it. Its secret field is sensitive data, treat it accordingly
Enums
- Algorithm enum holds the three standards algorithms for TOTP as per the reference implementation
- Error returned when input is not compliant to rfc-6238.
- Shared secret between client and server to validate token against/generate token from.
- Different ways secret parsing failed.
- Errors returned mostly upon decoding URL.