Auth TOTP

A fast and easy-to-use time-based one-time password (TOTP) authentication package for your Flutter application. It is compatible with Google Authenticator, 1Password, LastPass, Microsoft Authenticator and various other authenticator apps.

Get Started

• 🔑 Create Secret Key
• ✔️ Verify TOTP Code
• 🚀 Generate TOTP Code
• 📸 Get QR Code to Scan
• 🔐 Tested Authenticator Apps
• 🔐 Full Example
• 🐛 Report bugs or issues

Create Secret Key

🔑 This method generates a random Base32 secret key, which is used to create verify codes from authentication apps.

String secret = AuthOTP.createSecret(); //32 charater by default
//or
String secret = AuthOTP.createSecret(20); //with length limit 20 charater

This method accepts a single parameter to specify the length of the secret key. By default, it generates a 32-character Base32 secret key. The length limit is between 16 to 32 characters.

Verify TOTP Code

✔️ This method verifies a Time-based One-Time Password (TOTP) code using the secret key and the TOTP code generated by your authenticator app.

Use this method after the user has scanned a QR code or entered the secret key into the authentication app. The same secret key generated by createSecret and the TOTP code generated by the authenticator app should be passed here to verify.

bool checkOTP = verifyCode({
    secretKey: "secret_key_here",
    totpCode: "totp_code_here_by_user"
});

• secretKey: A secret key generate by createSecret method
• totpCode: The TOTP code entered by the user.

It will return true if code is correct, otherwise false.

Generate TOTP Code

🚀 This method generates a TOTP code based on the secret key and the time interval. The time interval is specified in seconds.

String generatedTOTPCode = AuthOTP.generateTOTPCode(
    secretKey: 'secret_key_here',
    interval: 30
);

• secretKey: A secret key generate by createSecret method
• interval: Time interval in seconds, ex. 30

As well as you can use this method to verify TOTP code also.

Example Code:-

String generatedTOTPCode = AuthOTP.generateTOTPCode(
    secretKey: 'secret_key_here',
    interval: 30
);

String inputedOTP = "otp_inputed_by_user";

if(generatedTOTPCode === inputedOTP){
    print("Verified")
} else {
    print("Not Verified")
}

Get QR Code to Scan

📸 This method returns a QR code URL to scan with your authenticator app. It can be used in Image.Network()

String qrCodeUrl = getQRCodeUrl({
    appName: "your app name"
    secretKey: "secret_key_here",
    issuer:"auth_otp"
});

//Image.Network(qrCodeUrl);

• appName: App name, or any text
• secretKey: A secret key generate by createSecret method
• issuer: Issuer name, default is auth_otp

Tested Authenticator Services

🔐

Logo	Service Name	Status
	Google Authenticator	✅
	1Password	✅
	LastPass	✅
	Microsoft Authenticator	✅

Absolutely, it works with all authenticator apps. But feel free to contribute if you have tested it with any other authenticator app.

Full Example

👉 For a complete example, refer to the Auth OTP package documentation.

Report bugs or issues

🐛 You are welcome to open a ticket on github if any 🐞 problems arise. New ideas are always welcome.

Copyright © 2024 Rohit Chouhan. Licensed under the MIT LICENSE