1 import { Secret, TOTP } from 'otpauth'
2 import { CONFIG } from '@server/initializers/config'
3 import { WEBSERVER } from '@server/initializers/constants'
4 import { decrypt } from './peertube-crypto'
6 async function isOTPValid (options: {
7 encryptedSecret: string
10 const { token, encryptedSecret } = options
12 const secret = await decrypt(encryptedSecret, CONFIG.SECRETS.PEERTUBE)
14 const totp = new TOTP({
20 const delta = totp.validate({
25 if (delta === null) return false
30 function generateOTPSecret (email: string) {
31 const totp = new TOTP({
39 secret: totp.secret.base32,
49 // ---------------------------------------------------------------------------
51 function baseOTPOptions () {
53 issuer: WEBSERVER.HOST,