OTP 是 One-Time Password的简写,表示一次性密码。
HOTP 是HMAC-based One-Time Password的简写,表示基于HMAC算法加密的一次性密码。
TOTP 是Time-based One-Time Password的简写,表示基于时间戳算法的一次性密码。

TOTP 是时间同步,基于客户端的动态口令和动态口令验证服务器的时间比对,一般每30秒产生一个新口令,要求客户端和服务器能够十分精确的保持正确的时钟,客户端和服务端基于时间计算的动态口令才能一致。

HOTP 是事件同步,通过某一特定的事件次序及相同的种子值作为输入,通过HASH算法运算出一致的密码。

文档:https://pkg.go.dev/github.com/pquerna/otp

type Key

  1. type Key struct {
  2.     // contains filtered or unexported fields
  3. }
  5. func NewKeyFromURL(orig string) (*Key, error)
  6. func (k *Key) AccountName() string
  7. func (k *Key) Image(width int, height int) (image.Image, error)
  8. func (k *Key) Issuer() string
  9. func (k *Key) Period() uint64
  10. func (k *Key) Secret() string
  11. func (k *Key) String() string
  12. func (k *Key) Type() string  // "hotp" or "totp"
  13. func (k *Key) URL() string

topt

  1. func Generate(opts GenerateOpts) (*otp.Key, error)
  2. func Validate(passcode string, secret string) bool
  4. type GenerateOpts struct {
  5.     // Name of the issuing Organization/Company.
  6.     Issuer string
  7.     // Name of the User's Account (eg, email address)
  8.     AccountName string
  9.     // Number of seconds a TOTP hash is valid for. Defaults to 30 seconds.
  10.     Period uint
  11.     // Size in size of the generated Secret. Defaults to 20 bytes.
  12.     SecretSize uint
  13.     // Secret to store. Defaults to a randomly generated secret of SecretSize.  You should generally leave this empty.
  14.     Secret []byte
  15.     // Digits to request. Defaults to 6.
  16.     Digits otp.Digits
  17.     // Algorithm to use for HMAC. Defaults to SHA1.
  18.     Algorithm otp.Algorithm
  19.     // Reader to use for generating TOTP Key.
  20.     Rand io.Reader
  21. }
  23. type ValidateOpts struct {
  24.     // Number of seconds a TOTP hash is valid for. Defaults to 30 seconds.
  25.     Period uint
  26.     // Periods before or after the current time to allow.  Value of 1 allows up to Period
  27.     // of either side of the specified time.  Defaults to 0 allowed skews.  Values greater
  28.     // than 1 are likely sketchy.
  29.     Skew uint
  30.     // Digits as part of the input. Defaults to 6.
  31.     Digits otp.Digits
  32.     // Algorithm to use for HMAC. Defaults to SHA1.
  33.     Algorithm otp.Algorithm
  34. }

demo(topt)

  1. package main
  3. import (
  4.     "fmt"
  5.     "github.com/pquerna/otp/totp"
  6.     "time"
  7. )
  9. func main() {
  10.     var opt = totp.GenerateOpts{
  11.         Issuer:"jwrookie",
  12.         AccountName:"jw",
  13.     }
  15.     key,err := totp.Generate(opt)
  16.     if err != nil {
  17.         panic(err)
  18.     }
  19.     fmt.Println(key.URL())
  21.     passcode,_ := totp.GenerateCode(key.Secret(),time.Now())
  23.     fmt.Println(totp.Validate(passcode,key.Secret()))
  24. }
  26. otpauth://totp/jwrookie:jw?algorithm=SHA1&digits=6&issuer=jwrookie&period=30&secret=CBLVFFGOHYWYFIRM5XVL3WG6JQC4YSGY
  27. true