Comeonin v2.4.0 Comeonin.Otp

Generate and verify HOTP and TOTP one-time passwords.

Module to generate and check HMAC-based one-time passwords and time-based one-time passwords, in accordance with RFC 4226 and RFC 6238.

Two factor authentication

These one-time passwords are often used together with regular passwords to provide two-factor authentication (2FA), which forms a layered approach to user authentication. The advantage of 2FA over passwords alone is that an attacker faces an additional challenge before being authorized.

Summary

Functions

Verify an HMAC-based one-time password

Verify a time-based one-time password

Generate an HMAC-based one-time password

Generate a secret key to be used with one-time passwords

Generate a time-based one-time password

Check the one-time password is valid

Functions

check_hotp(token, secret, opts \\ [])

Verify an HMAC-based one-time password.

There are three options:

  • token_length - the length of the one-time password
    • the default is 6
  • last - the count when the one-time password was last used
    • this count needs to be stored server-side
  • window - the number of future attempts allowed
    • the default is 3
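
How `last` and `window` bound the counters a verifier will accept, and why `last` has to be persisted: an added Python sketch written from RFC 4226 and RFC 6238, not Comeonin's own code. The exact accepted range (`last + 1` through `last + 1 + window`), the `None`/counter return values, the `now` parameter and the sample secret are assumptions made for this example.

```python
import base64, hashlib, hmac, struct, time

# Constructed sample: base32 of the RFC 4226 test key "12345678901234567890".
SECRET = "GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ"

def valid_token(token, token_length=6):
    # Assumption: exact length match, ASCII digits only, minimum length 6.
    return (isinstance(token, str) and token_length >= 6
            and len(token) == token_length
            and token.isascii() and token.isdigit())

def gen_hotp(secret, count, token_length=6):
    """RFC 4226: HMAC-SHA1 over the 8-byte counter, then dynamic truncation."""
    key = base64.b32decode(secret, casefold=True)
    digest = hmac.new(key, struct.pack(">Q", count), hashlib.sha1).digest()
    offset = digest[-1] & 0x0F
    code = struct.unpack(">I", digest[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** token_length).zfill(token_length)

def _match(token, secret, counters, token_length):
    if not valid_token(token, token_length):
        return None
    for count in counters:
        # Constant-time comparison of the candidate and the submitted token.
        if hmac.compare_digest(gen_hotp(secret, count, token_length), token):
            return count
    return None

def check_hotp(token, secret, last=0, window=3, token_length=6):
    """Return the matched counter or None. Assumed range: last+1 .. last+1+window."""
    return _match(token, secret, range(last + 1, last + window + 2), token_length)

def check_totp(token, secret, now=None, interval_length=30, window=1, token_length=6):
    """Return the matched interval or None; `now` (hypothetical) pins the clock."""
    current = int(time.time() if now is None else now) // interval_length
    counters = range(max(0, current - window), current + window + 1)
    return _match(token, secret, counters, token_length)

def login_sequence():
    """Accept a token once, persist the counter, then replay the same token."""
    last = 0
    first = check_hotp("287082", SECRET, last=last)   # counter 1 is accepted
    last = first                                      # store this server-side
    replay = check_hotp("287082", SECRET, last=last)  # same token is rejected
    return first, replay

if __name__ == "__main__":
    print(login_sequence())
```

If the stored `last` is not advanced after a successful check, the same token stays valid until the counter moves on by other means.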

check_totp(token, secret, opts \\ [])

Verify a time-based one-time password.

There are three options:

  • token_length - the length of the one-time password
    • the default is 6
  • interval_length - the length of each timed interval
    • the default is 30 (seconds)
  • window - the number of attempts, before and after the current one, allowed
    • the default is 1 (1 interval before and 1 interval after)
    • you might need to increase this window to allow for clock skew on the server

gen_hotp(secret, count, opts \\ [])

Generate an HMAC-based one-time password.

There is one option:

  • token_length - the length of the one-time password
    • the default is 6

gen_secret(secret_length \\ 32)

Generate a secret key to be used with one-time passwords.

By default, this function creates a 32 character base32 string, which can be used with the other functions in this module.

It is also possible to create a 16 or 24 character long secret, but this is not recommended.

gen_totp(secret, opts \\ [])

Generate a time-based one-time password.

There are two options:

  • token_length - the length of the one-time password
    • the default is 6
  • interval_length - the length of each timed interval
    • the default is 30 (seconds)

valid_token(token, token_length)

Check that the one-time password is valid.

The one-time password should be at least 6 characters long, and it should be a string that contains only numeric values.