secure-bun-server/src/lib/otp/custom.js at main · SSbit01/secure-bun-server · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
import process from "node:process";
import otpAttributes from "#shared/otp.json";

const test = process.env.NODE_ENV === "test";

/**
 * When the user enters the code incorrectly many times and reaches this number of attempts,
 * a timeout of seconds defined in `OTP_INVALID_BLOCK_SECONDS` can be set.
 *
 * - It needs to be lower than `OTP_MAX_ATTEMPTS`.
 * - Disable OTP blocking by setting it to `0`.
 *
 * @type {number}
 */
export const OTP_ATTEMPTS_BLOCK = 1;

/**
 * When the user enters the code incorrectly many times and reaches the number of attempts defined in `OTP_ATTEMPTS_BLOCK`,
 * a timeout of a few seconds can be set.
 *
 * - It is recommended to set it to 20 seconds.
 *
 * @type {number}
 */
export const OTP_INVALID_BLOCK_SECONDS = test ? 3 : 20;

/**
 * The maximum validity period of an OTP token in seconds.
 *
 * - If it is too low, tests may fail.
 *
 * @type {number}
 */
export const OTP_MAX_AGE = 300; // 5 minutes

/**
 * The maximum number of attempts a user can verify an OTP.
 *
 * @type {number}
 */
export const OTP_MAX_ATTEMPTS = 3;

/**
 * When sending an OTP, you may want to ask users to wait a few seconds until they have the option to resend another OTP.
 *
 * - It is recommended to set it to 40 seconds.
 *
 * @type {number}
 */
export const OTP_RESEND_BLOCK_SECONDS = test ? 3 : 40;

/**
 * This implenetation creates an OTP with lowercase letters and numbers.
 *
 * - The OTP length with this implementation can be up to 11 characters.
 *
 * @function generateOtp
 */
export function generateOtp() {
  return (crypto.getRandomValues(new BigUint64Array(1))[0]?.toString(36).substring(0, otpAttributes.length) ?? "").padStart(
    otpAttributes.length,
    "0"
  );
}