search

daegalus / dart-otp

RFC6238 Time-Based One-Time Password / Google Authenticator Library
MIT License
100 stars 25 forks source link

Please also support verification of one time passwords #29

Closed mbalmer closed 3 years ago

mbalmer commented 3 years ago

This is a feature request. I would find it helpful to also get one time password verification functions.

daegalus commented 3 years ago

My question is how exactly would that look for you, and how does the current implementation hinder the ability to do so?

OTP.constantTimeVerification(OTP.generateTOTPCode(currentTime, secretFromDB), codePeovidedByUser)

If you want you can pull out the generateTOTP call to a variable, then compare the result to what's provided by the user.

In order to make a single function to do this, I would need to ask you to pass in all these parameters and any options you specify. Which doesn't really improve usage in any meaningful way, outside of maybe 10-15 characters.

If you have any other ideas, I am very much open to discussion. I'm just not seeing what more needs to be added to provide verification.

mbalmer commented 3 years ago

i think you are right and I oversaw this possibility.

I think you can close my issue (or I will do tomorrow).

Am 19.04.2021 um 19:12 schrieb Yulian Kuncheff @.***>:

My question is how exactly would that look for you, and how does the current implementation hinder the ability to do so?

OTP.constantTimeVerification(OTP.generateTOTPCode(currentTime, secretFromDB), codePeovidedByUser) If you want you can pull out the generateTOTP call to a variable, then compare the result to what's provided by the user.

In order to make a single function to do this, I would need to ask you to pass in all these parameters and any options you specify. Which doesn't really improve usage in any meaningful way, outside of maybe 10-15 characters.

If you have any other ideas, I am very much open to discussion. I'm just not seeing what more needs to be added to provide verification.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/Daegalus/dart-otp/issues/29#issuecomment-822634357, or unsubscribe https://github.com/notifications/unsubscribe-auth/AADIAH6VCHD5LPFWNKF5IRDTJRQAVANCNFSM43FTM3KA.