New user account for new forum.
I wanted to share this nginx module that I wrote - nginx-http-auth-totp. This module provides an implementation of time-based one-time password (TOTP) authentication for Nginx. The Time-based One-Time Password (TOTP) algorithm provides a secure mechanism for short-lived one-time password values, which are desirable for enhanced security. This algorithm can be used across a wide range of network applications ranging from remote Virtual Private Network (VPN) access, Wi-Fi network logon to transaction-orientated Web applications.
- HTTP basic authentication using time-based one-time password (TOTP)
- Cookie-based tracking of authenticated clients beyond the TOTP validity window
- Configurable secret, time reference, time step and truncation length for TOTP generation
- Configurable time-skew for TOTP validation.
For those interested in writing Nginx modules, this module provides a concrete implementation of some functionality that may be useful for other authors, including:
- Shared-memory for consistency in tracking TOTP usage across threads
- Red-black tree for TOTP usage with time-based clean-up/expiration of entries
- HTTP cookie setting and validation
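
Added example, not part of the original post and not the module's own code: a Python sketch of the validation logic the feature list describes, with RFC 6238 TOTP parameterised by secret, time reference, time step and truncation length, a skew window, and expiring tracking of already-used codes. The names `totp`, `TotpVerifier` and the in-process dict standing in for the shared-memory tree are assumptions made for illustration.

```python
import hashlib
import hmac
import struct


def totp(secret: bytes, now: int, t0: int = 0, step: int = 30, digits: int = 6) -> str:
    """RFC 6238 TOTP (HMAC-SHA1) for the time step that contains `now`."""
    counter = (now - t0) // step
    mac = hmac.new(secret, struct.pack(">Q", counter), hashlib.sha1).digest()
    offset = mac[-1] & 0x0F  # RFC 4226 dynamic truncation
    code = struct.unpack(">I", mac[offset:offset + 4])[0] & 0x7FFFFFFF
    return str(code % 10 ** digits).zfill(digits)


class TotpVerifier:
    """Hypothetical verifier: skew window plus one-time-use enforcement."""

    def __init__(self, secret: bytes, t0: int = 0, step: int = 30,
                 digits: int = 6, skew: int = 1):
        self.secret, self.t0, self.step = secret, t0, step
        self.digits, self.skew = digits, skew
        self.used = {}  # time-step counter -> moment the entry can be dropped

    def verify(self, candidate: str, now: int) -> bool:
        # Time-based clean-up: drop entries that fell out of the skew window.
        self.used = {c: exp for c, exp in self.used.items() if exp > now}
        current = (now - self.t0) // self.step
        matched = None
        for counter in range(current - self.skew, current + self.skew + 1):
            if counter < 0:
                continue
            expected = totp(self.secret, self.t0 + counter * self.step,
                            self.t0, self.step, self.digits)
            # Constant-time comparison; bytes avoid a TypeError on non-ASCII input.
            if hmac.compare_digest(expected.encode(), candidate.encode()):
                matched = counter
        if matched is None or matched in self.used:
            return False  # wrong or stale code, or a replay of an accepted one
        # Remember the step until it can no longer match at any skew offset.
        self.used[matched] = self.t0 + (matched + self.skew + 1) * self.step
        return True
```

Without the used-code table, a captured code would stay valid for the whole skew window; the expiry time bounds the table to the steps that can still match.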