One time Password in Node js
36,078
Solution 1
If you want to just verify the phone by sending and OTP and then asking for it then I don't think you should go for Speakeasy.
Speakeasy is mainly for TOTP and HOTP which are more like 2 Factor Authentication (generate OTPs every 30 seconds, for example).
But since you want to verify a user's phone once all you need to do is:
- Generate any random n-digit number and save it in a table in DB mapped to user with creation time.
- Send this to the user's phone. You can use any service. I personally use twilio.
- When user enters the OTP, check the current time against the creation time and see if it's valid.
- Handle the cases: a) if valid: mark user as verified b) if invalid: whatever you want to do.
Solution 2
See here you have to do it like this:
Workflow:
- use Message sending Api like
twilio
,OpenTok
something like that. - use
Socket.io
for real time interaction while sending messages -
speakeasy
npm package you should use as it makes very to generate one time password code - Use
express
to create your application
Reference:
OTP Verification using NODE & EXPRESS
Git Repo:
![Nimit Bedi](https://lh6.googleusercontent.com/-ru3jcc_-eTk/AAAAAAAAAAI/AAAAAAAAD7k/jZfghG8j8bs/photo.jpg?sz=256)
Author by
Nimit Bedi
Updated on July 09, 2022Comments
-
Nimit Bedi almost 2 years
I want to use OTP for my node-express API. Right now I am able to personalize things using username and password, but would like to do it using mobile number and OTP. What references can I use for this?
-
Abhyudit Jain over 7 yearsSpeakeasy is mainly for TOTP and HOTP which are more like 2 Factor Authentication (generate OTPs every 30 seconds, for example). But it's overkill for phone verification
-
Nimit Bedi over 7 yearsI also want my application to remember the current user and changes the view accordingly. While using passport-authentication, it returns some "x-access-token" through which we can personalize the app for the particular customer. Does this otplib also returns any such thing? If not, how can i remember the present user?