otplib API Documentation / @otplib/core / validateEpochTolerance
Function: validateEpochTolerance()
validateEpochTolerance(
epochTolerance,period,guardrails):void
Defined in: packages/core/src/utils.ts:391
Validate epoch tolerance for TOTP verification
Prevents DoS attacks by limiting the time range checked. Also validates that tolerance values are non-negative.
Parameters
epochTolerance
Epoch tolerance specification (number or tuple [past, future])
number | [number, number]
period
number = DEFAULT_PERIOD
The TOTP period in seconds (default: 30). Used to calculate max tolerance.
guardrails
OTPGuardrails = DEFAULT_GUARDRAILS
Validation guardrails (defaults to RFC recommendations)
Returns
void
Throws
If tolerance contains negative values
Throws
If tolerance exceeds MAX_WINDOW periods
Example
ts
validateEpochTolerance(30); // OK: 30 seconds (default period 30s)
validateEpochTolerance([5, 0]); // OK: 5 seconds past only
validateEpochTolerance([-5, 0]); // Throws: negative values not allowed
validateEpochTolerance(3600); // Throws: exceeds MAX_WINDOW * period
validateEpochTolerance(6000, 60); // OK with 60s period (MAX_WINDOW * 60 = 6000)