django-otp (part-II)

Django ,Python
March 21, 2018

In my previous article, I discussed 2 different types of OTP and the basics of generating an OTP with django-otp. In this article I am going to write about creating a TOTP object and using that to generate and verify a token.

Let’s create a class TOTPVerification . Check this code below. You can run it and check for yourself. I have included comments for a better understanding of the program.

<script src=”https://gist.github.com/valaparthvi/06cb9f7faeae2e494e0cf8e76ed2add9.js”></script>

There are 4 main steps involved:
1) Create a TOTP object.
2) Use that object to generate the token.
3) Take user input.
4) Verify the token

You can check the source code for TOTP from the django-otp repository here.

TOTP class has 4 main methods:
1) TOTP.t() — It returns the time based counter.
2) TOTP.time() — It returns current time in seconds, time.time() by default.
3) TOTP.token() — It is the computed the token. It calls hotp() method, by
passing 3 parameters:
i)key — It is the secret key.
ii)t —Time based counter.
iii)digits — Number of digits in a token.
4) TOTP.verify() — It takes 2 parameters:
i) token — This is the token which will be verified.
ii) tolerance — This parameter allows us to verify a token which has already expired.

You can check the code that I used in my project here.
I hope this helped. Let me know if there are any doubts. 🙂