├── LICENSE
├── README.md
└── worker.js


/LICENSE:
--------------------------------------------------------------------------------
 1 | MIT License
 2 | 
 3 | Copyright (c) 2024 wuzf
 4 | 
 5 | Permission is hereby granted, free of charge, to any person obtaining a copy
 6 | of this software and associated documentation files (the "Software"), to deal
 7 | in the Software without restriction, including without limitation the rights
 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
 9 | copies of the Software, and to permit persons to whom the Software is
10 | furnished to do so, subject to the following conditions:
11 | 
12 | The above copyright notice and this permission notice shall be included in all
13 | copies or substantial portions of the Software.
14 | 
15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
21 | SOFTWARE.
22 | 


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | # 2fa
 2 | 这是一个用Cloudflare Worker代码实现的Two Factor Authentication，worker页面会显示动态生成的 One-Time Password（OTP），并且能够在 OTP 过期后自动刷新以提供新的 OTP，可以简单代替Google Authenticator或者Microsoft Authenticator。
 3 | 如果不想用演示站，也可以自己复制worker.js源码，通过Cloudflare Worker自行搭建。
 4 | 
 5 | ### 演示网站
 6 |  https://2fa.free.hr/MBWJJVDIQ3PH3SA5
 7 | 
 8 | ### 备用网站：
 9 |  1. https://2fa.guts.eu.org/MBWJJVDIQ3PH3SA5
10 |  2. https://2fa.my2fa.workers.dev/MBWJJVDIQ3PH3SA5
11 |  3. https://tfa.mytfa.workers.dev/MBWJJVDIQ3PH3SA5
12 | 


--------------------------------------------------------------------------------
/worker.js:
--------------------------------------------------------------------------------
 1 | (() => {
 2 |   // src/index.js
 3 |   addEventListener("fetch", (event) => {
 4 |     event.respondWith(handleRequest(event.request));
 5 |   });
 6 |   async function handleRequest(request) {
 7 |     const url = new URL(request.url);
 8 |     const secret = url.pathname.substring(1);
 9 |     if (!secret) {
10 |       return new Response("Missing secret parameter", { status: 400 });
11 |     }
12 |     const loadTime = Math.floor(Date.now() / 1e3);
13 |     const otp = await generateOTP(secret, loadTime);
14 |     const htmlContent = `
15 |     <html>
16 |       <head>
17 |         <title>OTP Page</title>
18 |         <script>
19 |           const loadTime = ${loadTime};
20 |           
21 |           const remainingTime = ${calculateRemainingTime(loadTime)};
22 |           
23 |           if (remainingTime <= 0) {
24 |             location.reload();
25 |           } else {
26 |             setTimeout(() => {
27 |               location.reload();
28 |             }, remainingTime * 1000);
29 |           }
30 |         <\/script>
31 |       </head>
32 |       <body>
33 |       <pre>{
34 |   "token": "${otp}"
35 | }</pre>
36 |       </body>
37 |     </html>
38 |   `;
39 |     const htmlResponse = new Response(htmlContent, {
40 |       headers: {
41 |         "Content-Type": "text/html"
42 |       }
43 |     });
44 |     return htmlResponse;
45 |   }
46 |   async function generateOTP(secret, loadTime) {
47 |     const epochTime = Math.floor(Date.now() / 1e3);
48 |     const timeStep = 30;
49 |     let counter = Math.floor(epochTime / timeStep);
50 |     const counterStart = counter * timeStep;
51 |     const counterBytes = new Uint8Array(8);
52 |     for (let i = 7; i >= 0; i--) {
53 |       counterBytes[i] = counter & 255;
54 |       counter >>>= 8;
55 |     }
56 |     const key = await crypto.subtle.importKey(
57 |       "raw",
58 |       base32toByteArray(secret),
59 |       { name: "HMAC", hash: { name: "SHA-1" } },
60 |       false,
61 |       ["sign"]
62 |     );
63 |     const hmacBuffer = await crypto.subtle.sign("HMAC", key, counterBytes.buffer);
64 |     const hmacArray = Array.from(new Uint8Array(hmacBuffer));
65 |     const offset = hmacArray[hmacArray.length - 1] & 15;
66 |     const truncatedHash = hmacArray.slice(offset, offset + 4);
67 |     const otpValue = new DataView(new Uint8Array(truncatedHash).buffer).getUint32(0) & 2147483647;
68 |     const otp = (otpValue % 1e6).toString().padStart(6, "0");
69 |     return otp;
70 |   }
71 |   function base32toByteArray(base32) {
72 |     const charTable = "ABCDEFGHIJKLMNOPQRSTUVWXYZ234567";
73 |     const base32Chars = base32.toUpperCase().split("");
74 |     const bits = base32Chars.map((char) => charTable.indexOf(char).toString(2).padStart(5, "0")).join("");
75 |     const bytes = [];
76 |     for (let i = 0; i < bits.length; i += 8) {
77 |       bytes.push(parseInt(bits.slice(i, i + 8), 2));
78 |     }
79 |     return new Uint8Array(bytes);
80 |   }
81 |   function calculateRemainingTime(loadTime) {
82 |     const epochTime = Math.floor(Date.now() / 1e3);
83 |     const timeStep = 30;
84 |     const currentCounter = Math.floor(epochTime / timeStep);
85 |     const expirationTime = (currentCounter + 1) * timeStep;
86 |     const remainingTime = expirationTime - loadTime;
87 |     return remainingTime;
88 |   }
89 | })();
90 | //# sourceMappingURL=index.js.map
91 | 


--------------------------------------------------------------------------------