feat: add numberOfSecretBytes parameter to Payload and adjust related functionality

FinotiLucas · FinotiLucas · commit 436c8c8523ec · 2025-01-22T07:13:53.000-03:00
Added optional numberOfSecretBytes parameter to the Payload interface to specify the number of authenticator secret bytes (default: 20).

Added the numberOfSecretBytes parameter in the config to use the value from the Payload or fallback to the default.

Adjusted and added corresponding test cases to validate the new parameter and ensure compatibility with existing behavior.

This change provides greater flexibility in configuring the number of secret bytes for the authenticator while maintaining backward compatibility.
diff --git a/lib/interfaces.ts b/lib/interfaces.ts
@@ -2,4 +2,5 @@ export interface Payload {
   name: string;
   account: string;
   counter: number | undefined;
+  numberOfSecretBytes: number | undefined;
 }
diff --git a/lib/secret.ts b/lib/secret.ts
@@ -10,6 +10,7 @@ import type { Strategy } from "./types.js";
  * @param {string} payload.name - The name of the application or service (displayed in the authenticator app).
  * @param {string} payload.account - The account identifier (e.g., email or username) associated with the user.
  * @param {number} [payload.counter] - The counter value, required only for HOTP. Defaults to `0` if not provided and the type is "HOTP".
+ * @param {number} [payload.numberOfSecretBytes] - Number of authenticator secret bytes default is 20.
  * @param {Strategy} [strategy="TOTP"] - The type of OTP to generate. Defaults to "TOTP" (Time-based OTP). Use "HOTP" for counter-based OTP.
  *
  * @returns {Promise<{ secret: string, uri: string, qr: string }>} - A Promise that resolves to an object containing:
@@ -47,10 +48,11 @@ export async function generateSecret(
   const config = {
     name: encodeURIComponent(payload?.name ?? "App"),
     account: payload.account ? encodeURIComponent(`:${payload.account}`) : "",
-    count: strategy === "HOTP" ? (payload.counter ?? 0).toString() : undefined,
+    counter: strategy === "HOTP" ? (payload.counter ?? 0).toString() : undefined,
+    numberOfBytes: payload.numberOfSecretBytes ?? 20
   } as const;
 
-  const secret = authenticator.generateSecret(20);
+  const secret = authenticator.generateSecret(config.numberOfBytes);
 
   const uri =
     strategy === "TOTP"
@@ -62,8 +64,8 @@ export async function generateSecret(
     name: config.name,
   };
 
-  if (strategy === "HOTP" && config.count) {
-    params.counter = config.count;
+  if (strategy === "HOTP" && config.counter) {
+    params.counter = config.counter;
   }
 
   uri.search = new URLSearchParams(params).toString();
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "2fa-node",
-  "version": "0.0.5",
+  "version": "0.0.6",
   "main": "dist/index.js",
   "types": "dist/index.d.ts",
   "files": [
diff --git a/tests/hotp.spec.ts b/tests/hotp.spec.ts
@@ -6,6 +6,7 @@ const { secret } = await generateSecret({
   name: "App",
   account: "exemple@exemple.com",
   counter: 0,
+  numberOfSecretBytes: 20
 });
 
 const counter = 0;
diff --git a/tests/totp.spec.ts b/tests/totp.spec.ts
@@ -7,6 +7,7 @@ const { secret } = await generateSecret(
     name: "App",
     account: "exemple@exemple.com",
     counter: 0,
+    numberOfSecretBytes: 20
   },
   "HOTP",
 );

Original file line number	Diff line number	Diff line change
`@@ -2,4 +2,5 @@ export interface Payload {`
`2`	`2`	`name: string;`
`3`	`3`	`account: string;`
`4`	`4`	`counter: number \| undefined;`
	`5`	`+ numberOfSecretBytes: number \| undefined;`
`5`	`6`	`}`
Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "2fa-node",`
`3`		`- "version": "0.0.5",`
	`3`	`+ "version": "0.0.6",`
`4`	`4`	`"main": "dist/index.js",`
`5`	`5`	`"types": "dist/index.d.ts",`
`6`	`6`	`"files": [`