#totp #2fa #two-factor

eztotp

An easy-to-use TOTP solution

1 unstable release

0.1.0 Mar 10, 2022

#1095 in Authentication

LGPL-3.0-or-later OR MPL-2.0

12KB
123 lines

Crates.io docs.rs Crates.io

This crate provides a ready-to-use TOTP solution.

It supports some features not directly related to Totp:

  • Scratch code: extra codes that can be used in emergency, which can improve UX.
  • Forbid code reusing: permits only one successful attempt in single time frame for safety.

These features require you to save the struct after every successful attempt. To make it easier, serde::Serialize and serde::Deserialize are derived on it.

Disable code reusing in real life

Don't forget to use exclusive lock in your DB (or whatever you persist the struct) to ensure the load-verify-save process is atomic, or attacker may reuse the code even if you disable code reusing.

License

eztotp is free software: you can redistribute it and/or modify it under one of following licenses:

  • Mozilla Public License, v. 2.0.
  • GNU Lesser General Public License, either version 3 of the License, or (at your option) any later version.

eztotp is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.

You should have received a copy of the GNU Lesser General Public License and Mozilla Public License along with eztotp. If not, see

Dependencies

~1.5–2.3MB
~42K SLoC