Module for generating and validating HOTP and TOTP tokens

Navigation

Verified details

These details have been verified by PyPI
Maintainers
Avatar for tadeck from gravatar.com tadeck

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Project description

What is OneTimePass

OneTimePass (actually onetimepass) is a module for generating one-time passwords, namely HOTPs (HMAC-based one-time passowords) and TOTPs (time-based one-time passwords). They are used eg. within Google Authenticator application for Android or iPhone.

How to use OneTimePass

You can use this module in the following way:

  1. Install module (download it into your application’s directory or into modules directory)

  2. To get time-based token you invoke it like that:

    import onetimepass as otp
my_secret = 'MFRGGZDFMZTWQ2LK'
my_token = otp.get_totp(my_secret)

  3. To get HMAC-based token you invoke it like that:

    import onetimepass as otp
my_secret = 'MFRGGZDFMZTWQ2LK'
my_token = otp.get_hotp(my_secret, intervals_no=3)

    where intervals_no is the number of the current trial (if checking on the server, you have to check several values, higher than the last successful one, determined for previous successful authentications).

  4. To check time-based token you invoke it like that:

    import onetimepass as otp
my_secret = 'MFRGGZDFMZTWQ2LK'
my_token = 123456 # should be probably from some user's input
is_valid = otp.valid_totp(token=my_token, secret=my_secret)

  5. To check HMAC-based token you invoke it like that:

    import onetimepass as otp
my_secret = 'MFRGGZDFMZTWQ2LK'
my_token = 123456 # should be probably from some user's input
last_used = 5 # store last valid interval somewhere else
is_valid = otp.valid_hotp(token=my_token, secret=my_secret, last=last_used)

    where:

    • last argument (in this case being assigned last_used) is the number of the last successfully checked interval number (as valid_totp() will skip it and start checking from the next interval number)

    • is_valid is being assigned value of False if my_token has not been identified as valid OTP for given secret (my_secret) and checked interval range. If it has been successful, is_valid is assigned a number of the working interval number (it should be saved into the database and supplied to the function as last argument next time the password is being checked, so you cannot use the same token again).

Project details

Verified details

These details have been verified by PyPI
Maintainers
Avatar for tadeck from gravatar.com tadeck

Unverified details

These details have not been verified by PyPI
Project links
Meta
Classifiers

Release history Release notifications | RSS feed

1.0.1

1.0.0

0.3.0

0.2.2

0.2.0

This version

0.1.2

Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

onetimepass-0.1.2.tar.gz (4.2 kB view details)

Uploaded Source

File details

Details for the file onetimepass-0.1.2.tar.gz.

File metadata

  • Download URL: onetimepass-0.1.2.tar.gz
  • Upload date:
  • Size: 4.2 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No

File hashes

Hashes for onetimepass-0.1.2.tar.gz
Algorithm Hash digest
SHA256 202c52621383c860e390caafb9b963ca5c0fd56e7894aeca30caa01d9c6d5017
MD5 7aa33ea2be4510266d3257e46da25694
BLAKE2b-256 95c351bbe4347d92bb1b706e0dba0c6d87076ced0583bf4d104d7cd4798107b3

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page