Skip to content

Commit

Permalink
Merge pull request #10 from sauravhathi/dev
Browse files Browse the repository at this point in the history 
✅integrated  send mail + optimization
  • Loading branch information
@sauravhathi
sauravhathi authored Sep 20, 2023
2 parents 4372040 + 5c2d233 commit 43f776c
Show file tree
Hide file tree
Showing 15 changed files with 402 additions and 213 deletions.
7 changes: 0 additions & 7 deletions .env.example
View file

This file was deleted.

9 changes: 9 additions & 0 deletions .env.local
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,9 @@
PORT = 5001
MONGODB_URI =
OTP_VALIDITY_PERIOD_MINUTES = 2
OTP_SIZE = 6
# every 2 minutes
CRON_SCHEDULE = */2 * * * *
# ALLOWED_DOMAINS = gmail.com, lpu.in, outlook.com, yahoo.com
GMAIL_PASS =
GMAIL_USER =
2 changes: 1 addition & 1 deletion Dockerfile
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8,6 +8,6 @@ COPY package*.json ./

RUN yarn install

EXPOSE 3000
EXPOSE 5001

CMD ["yarn","start"]
190 changes: 105 additions & 85 deletions README.md
View file
Original file line number Diff line number Diff line change
@@ -1,117 +1,137 @@
# 📱 OTP Service
# OTP Service

This is a free OTP (One-Time Password) service built with Node.js, Express.js, Mongoose, and node-cron for handling OTP generation, verification, and automatic expiration.
The OTP (One-Time Password) Free Service is a Node.js-based service that allows you to generate and verify one-time passwords (OTP) via email. This service is useful for adding an extra layer of security to your applications by enabling two-factor authentication (2FA) or passwordless login.

## Features

✨ Generate a one-time password (OTP) for a given email.

🔐 Verify an OTP for a given email.
## Table of Contents

⏰ Automatic OTP expiration and cleanup using cron jobs.
- [Features](#features)
- [Getting Started](#getting-started)
- [Prerequisites](#prerequisites)
- [Installation](#installation)
- [Usage](#usage)
- [Generating an OTP](#generating-an-otp)
- [Verifying an OTP](#verifying-an-otp)
- [Configuration](#configuration)
- [Environment Variables](#environment-variables)
- [Scheduled OTP Cleanup](#scheduled-otp-cleanup)
- [Donation](#donation)
- [License](#license)

⚙️ Configurable OTP size and validity period.

🚀 Error handling for invalid OTPs and expired OTPs.
## Features

## Demo
| Feature | Description |
| -------------------------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| Generate numeric, alphanumeric, or alphabet-based OTPs | Generate one-time passwords with various character types: numeric, alphanumeric, or alphabet-based. |
| Send OTPs via email | Send OTPs to users via email for authentication or verification. |
| Verify OTPs for user authentication | Verify OTPs provided by users for secure authentication. |
| Automatic cleanup of expired OTPs | Automatically remove expired OTPs from the database based on a configured cron schedule. |
| Customizable OTP validity period and size | Adjust the validity period and size (length) of OTPs to match your security requirements. |
| Rate limiting for OTP generation | Implement rate limiting to prevent abuse and ensure the service is used responsibly. |
| Multiple email service providers supported | Choose from multiple email service providers (e.g., Gmail, Outlook) to send OTP emails. |
| Flexible configuration via environment variables | Customize the service's behavior by configuring environment variables. |
| Easy-to-use API with JSON input/output | Interact with the service through a user-friendly JSON API for OTP generation and verification. |

You can interact with the API using the following endpoints:
## Getting Started

| Endpoint | Description |
| ------------------------------ | ----------------------------------------- |
| `POST https://otp-4e71.onrender.com/api/otp` | Generate a one-time password (OTP) for a given email. |
| `POST https://otp-4e71.onrender.com/api/otp/verify` | Verify an OTP for a given email. |
### Prerequisites

## Email Integration
Before you begin, ensure you have met the following requirements:

To send emails for OTP delivery, you can use the [sauravhathi/mailer](https://github.com/sauravhathi/mailer) repository. It provides a straightforward way to send emails as part of your OTP delivery process.
| Prerequisite | Description |
| --------------------- | ---------------------------------------------------------------- |
| Node.js and npm | Install Node.js and npm on your development machine. |
| MongoDB database | Set up a MongoDB database (local or cloud-hosted, e.g., MongoDB Atlas) for storing OTP data. |

## Installation
### Installation

1. Clone the repository:

```bash
```shell
git clone https://github.com/sauravhathi/otp-service.git
```

2. Navigate to the project directory:

```shell
cd otp-service
```

2. Install dependencies:
3. Install the dependencies:

```bash
```shell
npm install
```

# or
4. Configure your environment variables by creating a `.env` file in the project root directory. You can use the provided `.env.example` as a template.

yarn
5. Start the service:

```shell
npm start
```

3. Set up your environment variables by creating a `.env` file in the project root directory and configuring the following variables:
The service should now be running on the specified port (default is 3000).

```env
MONGODB_URI=<your-mongodb-connection-uri>
OTP_VALIDITY_PERIOD_MINUTES=2
OTP_SIZE=4
CRON_SCHEDULE=*/2 * * * *
```
## Usage

- `MONGODB_URI`: MongoDB connection URI.
- `OTP_VALIDITY_PERIOD_MINUTES`: Validity period for OTPs in minutes.
- `OTP_SIZE`: Size of the OTP (number of digits).
- `CRON_SCHEDULE`: Cron schedule for automatic OTP cleanup.
### Generating an OTP

4. Start the server:
To generate an OTP for a user, make a POST request to the `/api/otp/generate` endpoint with the user's email address in the request body. You can also specify the OTP type, organization name, and email subject.

```bash
npm dev
Example request:

# or
```json
POST /api/otp/generate
{
"email": "[email protected]",
"type": "numeric",
"organization": "MyApp",
"subject": "OTP Verification"
}
```

yarn dev
```
The service will send an email containing the OTP to the user's email address.

### Verifying an OTP

To verify an OTP for user authentication, make a POST request to the `/api/otp/verify` endpoint with the user's email address and the OTP in the request body.

Example request:

```json
POST /api/otp/verify
{
"email": "[email protected]",
"otp": "123456"
}
```

The service will respond with a success message if the OTP is valid.

## Configuration

You can customize the OTP service by modifying the environment variables in the `.env` file. Here are some key configuration options:

### Environment Variables

| Variable | Description |
| ---------------------------- | --------------------------------------------------------------------------------------------- |
| `PORT` | The port on which the service listens. |
| `MONGODB_URI` | The MongoDB connection string. |
| `OTP_VALIDITY_PERIOD_MINUTES` | The validity period of OTPs in minutes. |
| `OTP_SIZE` | The size (length) of OTPs. |
| `CRON_SCHEDULE` | The cron schedule for OTP cleanup. |
| `ALLOWED_DOMAINS` | Comma-separated list of allowed email domains. |
| `GMAIL_USER` | Gmail username (used for sending emails). |
| `GMAIL_PASS` | Gmail password (used for sending emails). |

## Scheduled OTP Cleanup

The service automatically clears expired OTPs based on the configured cron schedule. By default, it runs daily at midnight to remove expired OTPs.

## Donation

## API Endpoints

### Generate OTP 🚀

- **Endpoint**: POST `/api/otp`
- **Request Body**:
```json
{
"email": "[email protected]"
}
```
- **Response**:
```json
{
"otp": 1234
}
```

### Verify OTP 🔐

- **Endpoint**: POST `/api/otp/verify`
- **Request Body**:
```json
{
"email": "[email protected]",
"otp": 1234
}
```
- **Response**:
```json
{
"message": "OTP is valid"
}
```

## Scheduled OTP Cleanup ⏰

The service automatically clears expired OTPs based on the configured cron schedule.

## Donate ☕

If you find this project useful and want to support its development, consider buying us a coffee!
If you find this project useful and want to support its development, consider buying us a coffee! Your support is greatly appreciated.

<img src="https://github.com/sauravhathi/otp-service/assets/61316762/021a6988-e823-4490-b8f2-ca6a0517ecc5" alt="support" style="width: 200px">

Expand All @@ -121,4 +141,4 @@ Donate: `saurav.34@paytm`

## License

This project is licensed under the MIT License. See the [LICENSE](https://github.com/sauravhathi/otp-service/blob/master/LICENSE) file for details.
This project is licensed under the MIT License. See the [LICENSE](https://github.com/sauravhathi/otp-service/blob/master/LICENSE) file for details.
109 changes: 52 additions & 57 deletions app.log
View file
Original file line number Diff line number Diff line change
@@ -1,57 +1,52 @@
2023-09-08T20:23:08.097Z [INFO] Generated OTP 9201 for [email protected]
2023-09-08T20:23:08.098Z [INFO] Generated OTP 9201 for [email protected]
2023-09-08T20:24:00.572Z [INFO] Cleared expired OTPs
2023-09-08T20:24:42.175Z [INFO] OTP already exists for [email protected]
2023-09-08T20:25:30.186Z [INFO] Generated OTP 1160 for [email protected]
2023-09-08T20:25:38.808Z [INFO] OTP 1160 already exists for [email protected]
2023-09-08T20:26:00.766Z [INFO] Cleared expired OTPs
2023-09-08T20:26:07.884Z [INFO] Verified OTP 1160 for [email protected]
2023-09-08T20:34:00.376Z [INFO] Cleared expired OTPs
2023-09-08T20:36:00.301Z [INFO] Cleared expired OTPs
2023-09-08T20:38:01.213Z [INFO] Cleared expired OTPs
2023-09-08T20:40:00.475Z [INFO] Cleared expired OTPs
2023-09-08T20:44:01.777Z [INFO] Cleared expired OTPs
2023-09-08T20:48:00.091Z [INFO] Cleared expired OTPs
2023-09-08T20:50:00.704Z [INFO] Cleared expired OTPs
2023-09-08T20:55:22.544Z [INFO] Generated OTP 2632 for [email protected]
2023-09-08T20:55:22.544Z [ERROR] Failed to generate OTP
2023-09-08T20:56:00.982Z [INFO] Cleared expired OTPs
2023-09-08T20:56:36.909Z [INFO] OTP 2632 already exists for [email protected]
2023-09-08T20:56:36.910Z [ERROR] Failed to generate OTP
2023-09-08T20:57:06.269Z [INFO] OTP 2632 already exists for [email protected]
2023-09-08T20:58:05.560Z [INFO] Generated OTP 6147 for [email protected]
2023-09-08T20:58:52.982Z [INFO] OTP 6147 already exists for [email protected]
2023-09-08T20:59:35.779Z [INFO] OTP 6147 already exists for [email protected]
2023-09-08T21:00:00.678Z [INFO] Cleared expired OTPs
2023-09-08T21:00:34.087Z [INFO] Generated OTP 1667 for [email protected]
2023-09-08T21:01:44.632Z [INFO] OTP 1667 already exists for [email protected]
2023-09-08T21:02:00.080Z [INFO] Cleared expired OTPs
2023-09-08T21:02:33.874Z [INFO] Verified OTP 1667 for [email protected]
2023-09-08T21:02:35.796Z [ERROR] Failed to verify OTP
2023-09-08T21:02:35.796Z [ERROR] Failed to verify OTP
2023-09-08T21:02:37.204Z [ERROR] Failed to verify OTP
2023-09-08T21:02:37.204Z [ERROR] Failed to verify OTP
2023-09-08T21:02:39.594Z [ERROR] Failed to verify OTP
2023-09-08T21:02:39.594Z [ERROR] Failed to verify OTP
2023-09-08T21:02:40.498Z [ERROR] Failed to verify OTP
2023-09-08T21:02:40.498Z [ERROR] Failed to verify OTP
2023-09-08T21:04:00.952Z [INFO] Cleared expired OTPs
2023-09-08T21:06:00.389Z [INFO] Cleared expired OTPs
2023-09-08T21:06:22.456Z [INFO] Generated OTP 7413 for [email protected]
2023-09-08T21:06:23.922Z [INFO] OTP 7413 already exists for [email protected]
2023-09-08T21:06:33.094Z [INFO] Verified OTP 7413 for [email protected]
2023-09-08T21:06:34.283Z [ERROR] Failed to verify OTP
2023-09-08T21:06:34.284Z [ERROR] Failed to verify OTP
2023-09-08T21:06:35.995Z [ERROR] Failed to verify OTP
2023-09-08T21:06:35.995Z [ERROR] Failed to verify OTP
2023-09-08T21:06:40.173Z [ERROR] Failed to verify OTP
2023-09-08T21:06:40.174Z [ERROR] Failed to verify OTP
2023-09-08T21:06:41.063Z [ERROR] Failed to verify OTP
2023-09-08T21:06:41.064Z [ERROR] Failed to verify OTP
2023-09-08T21:06:47.303Z [ERROR] Failed to verify OTP
2023-09-08T21:06:47.304Z [ERROR] Failed to verify OTP
2023-09-08T21:08:00.179Z [INFO] Cleared expired OTPs
2023-09-08T21:10:00.952Z [INFO] Cleared expired OTPs
2023-09-08T21:12:00.814Z [INFO] Cleared expired OTPs
2023-09-08T21:12:16.766Z [INFO] Generated OTP 2889 for [email protected]
2023-09-08T21:12:23.838Z [INFO] Verified OTP 2889 for [email protected]
2023-09-20T17:59:19.717Z [INFO] 🚀 Connected to MongoDB
2023-09-20T17:59:46.260Z [INFO] Generated OTP c4jgOD for [email protected]
2023-09-20T18:00:00.347Z [INFO] Cleared expired OTPs
2023-09-20T18:00:22.764Z [INFO] Verified OTP c4jgOD for [email protected]
2023-09-20T18:00:34.105Z [ERROR] Failed to verify OTP
2023-09-20T18:00:34.105Z [ERROR] Failed to verify OTP
2023-09-20T18:00:49.043Z [ERROR] Failed to verify OTP
2023-09-20T18:00:49.043Z [ERROR] Failed to verify OTP
2023-09-20T18:02:01.122Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:04:01.020Z [INFO] Cleared expired OTPs
2023-09-20T18:04:57.261Z [ERROR] Failed to verify OTP
2023-09-20T18:05:13.345Z [ERROR] Invalid email
2023-09-20T18:06:00.849Z [INFO] Cleared expired OTPs
2023-09-20T18:08:00.793Z [INFO] Cleared expired OTPs
2023-09-20T18:10:01.741Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:10:02.048Z [INFO] Cleared expired OTPs
2023-09-20T18:10:21.838Z [ERROR] Invalid email
2023-09-20T18:10:33.677Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:10:45.114Z [ERROR] Invalid email
2023-09-20T18:10:53.137Z [INFO] Generated OTP 419296 for [email protected]
2023-09-20T18:11:40.410Z [INFO] Verified OTP 419296 for [email protected]
2023-09-20T18:15:58.337Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:16:00.586Z [INFO] Cleared expired OTPs
2023-09-20T18:16:03.438Z [ERROR] Failed to verify OTP
2023-09-20T18:16:44.116Z [INFO] Generated OTP wmnfo3 for [email protected]
2023-09-20T18:16:48.152Z [ERROR] Failed to generate OTP
2023-09-20T18:17:00.798Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:17:07.099Z [INFO] OTP wmnfo3 already exists for [email protected]
2023-09-20T18:17:12.005Z [INFO] Sent OTP to [email protected]
2023-09-20T18:18:00.482Z [INFO] Cleared expired OTPs
2023-09-20T18:18:04.535Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:18:07.599Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:18:14.106Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:18:21.298Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:18:41.704Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:18:44.845Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:18:46.575Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:18:53.926Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:18:59.746Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:19:15.902Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:19:19.385Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:19:30.121Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:19:35.206Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:19:36.746Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:19:41.205Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:19:44.676Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:20:01.308Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:20:07.173Z [INFO] 🚀 Connected to MongoDB
2023-09-20T18:20:12.947Z [INFO] Generated OTP Y4BW8T for [email protected]
2023-09-20T18:20:16.609Z [INFO] Sent OTP to [email protected]
2023-09-20T18:20:39.518Z [INFO] Verified OTP Y4BW8T for [email protected]
2023-09-20T18:20:43.905Z [ERROR] Failed to verify OTP
Loading

0 comments on commit 43f776c

Please sign in to comment.