flutter_secure_2fa 1.0.0+1

A secure and flexible 2FA package for Flutter using TOTP. Supports SHA1/SHA256/SHA512 algorithms, variable digits, and time window verification.

flutter_secure_2fa

A robust and flexible 2FA (Two-Factor Authentication) package for Flutter. It handles TOTP (Time-Based One-Time Password) secret generation, QR Code URL creation, and verification with support for varied security requirements.

Features

• Secret Generation: Generate secure Base32 secrets.
• QR Code Ready: Generate otpauth:// URLs compatible with Google Authenticator, Authy, etc.
• Universal Verification:
  • Algorithms: SHA1 (Standard), SHA256, SHA512.
  • Digits: 6 (Standard) or 8 digits.
  • Intervals: Custom time steps (default 30s).
• Clock Drift Tolerance: Configure a time window to verify codes from previous or future intervals.
• Error Logging: Helpful console logs in debug mode.

Installation

Add this to your package's pubspec.yaml file:

dependencies:
  flutter_secure_2fa: ^1.0.0

Usage

Basic Usage

import 'package:flutter_secure_2fa/flutter_secure_2fa.dart';

final secure2fa = FlutterSecure2FA();

// 1. Generate a Secret
final secret = secure2fa.generateSecret();

// 2. Get QR Code URL (use with a QR widget like qr_flutter)
final authUrl = secure2fa.getAuthUrl(
  secret, 
  appName: 'MyApp', 
  accountName: 'user@example.com'
);

// 3. Verify a Code
final code = '123456'; // From user input
bool isValid = secure2fa.verifyCode(secret, code);

Advanced Usage

Verify with different algorithms or drift tolerance:

// Check valid code for current time +/- 1 interval (30s drift)
// Using SHA256 and 8 digits
bool isValid = secure2fa.verifyCode(
  secret, 
  code,
  algorithm: Secure2FAAlgorithm.sha256,
  digits: 8,
  interval: 30, // 30 seconds
  window: 1, // Look back 1 interval and forward 1 interval
);

Example

Check the example directory for a complete Flutter app using this package.

License

MIT