otplib API Documentation / otplib / verify
Function: verify()
verify(
options):Promise<VerifyResult>
Defined in: otplib/src/functional.ts:324
Verify an OTP code
Verifies a provided OTP code against the expected value based on the strategy.
- 'totp': Time-based OTP (default, Google Authenticator compatible)
- 'hotp': HMAC-based OTP
Uses constant-time comparison to prevent timing attacks.
Parameters
options
OTP verification options
Returns
Promise<VerifyResult>
Verification result with validity and optional delta
Examples
ts
import { verify } from 'otplib';
const result = await verify({
secret: 'JBSWY3DPEHPK3PXP',
token: '123456',
});
// Returns: { valid: true, delta: 0 }ts
import { verify } from 'otplib';
const result = await verify({
secret: 'JBSWY3DPEHPK3PXP',
token: '123456',
strategy: 'hotp',
counter: 0,
});ts
import { verify, NodeCryptoPlugin } from 'otplib';
const result = await verify({
secret: 'JBSWY3DPEHPK3PXP',
token: '123456',
epochTolerance: 30,
crypto: new NodeCryptoPlugin(),
});