This n8n workflow provides a secure method for validating Time-based One-Time Passwords (TOTP) without creating credentials, suitable for implementing two-factor authentication (2FA) in applications. It involves a manual trigger to initiate the process, a Python code node that verifies the TOTP code against a secret key, and a conditional node that determines if the verification was successful.
The workflow begins with a manual trigger, enabling users to test the validation process as needed. The core of the workflow is the ‘TOTP VALIDATION’ node, where custom Python code verifies the provided 6-digit code against a secret key, using standard TOTP algorithms with HMAC SHA-1. The secret and code are supplied as input parameters, which can be retrieved from a database or user input.
Following the verification, an ‘IF’ node checks whether the code was validated successfully (status = 1). If the code is valid, the workflow can proceed with subsequent actions, such as granting access or confirming user identity. Otherwise, it can trigger a different flow, such as prompting for re-entry or logging an attempt.
This workflow is practical for enhancing security measures in web applications, especially where 2FA is implemented for user authentication, making it highly useful for developers and security professionals looking to automate TOTP validation processes.
Reviews
There are no reviews yet.