In my previous article, I discussed 2 different types of OTP and the basics of generating an OTP with django-otp. In this article I am going to write about creating a TOTP object and using that to generate and verify a token.
Let’s create a class
TOTPVerification . Check this code below. You can run it and check for yourself. I have included comments for a better understanding of the program.
There are 4 main steps involved:
1) Create a
2) Use that object to generate the token.
3) Take user input.
4) Verify the token
You can check the source code for
TOTP from the django-otp repository here.
TOTP class has 4 main methods:
TOTP.t() — It returns the time based counter.
TOTP.time() — It returns current time in seconds,
time.time() by default.
TOTP.token() — It is the computed the token. It calls
hotp() method, by
passing 3 parameters:
i)key — It is the secret key.
ii)t —Time based counter.
iii)digits — Number of digits in a token.
TOTP.verify() — It takes 2 parameters:
token — This is the token which will be verified.
tolerance — This parameter allows us to verify a token which has already expired.
You can check the code that I used in my project here.
I hope this helped. Let me know if there are any doubts. 🙂