Auth TOTP

The module implements the time-based one-time password (TOTP) algorithm and provides short-lived one-time passwords.

Features:

• Standard HTTP authentication using TOTP.

• Tracking authenticated clients via cookies after TOTP expiration.

• Configurable secret, time seed, time step, and truncation length for TOTP generation.

• Configurable time window for TOTP verification.

Installation

To install the module, use one of the following packages:

• Angie: angie-module-auth-totp

• Angie PRO: angie-pro-module-auth-totp

Loading the module

To use the module, load it in the main{} context:

load_module modules/ngx_http_auth_totp_module.so;

Configuration example

server {
    listen 80;

    location /protected {
        auth_totp_realm "Protected";
        auth_totp_file /etc/angie/totp.conf;
        auth_totp_length 8;
        auth_totp_reuse off;
        auth_totp_skew 1;
        auth_totp_step 1m;
        auth_totp_cookie "totp-session";
        auth_totp_expiry 1d;
    }
}

Additional information

Detailed documentation and source code are available at: 61131/nginx-http-auth-totp