Canlı

AuthFlow

A self-hosted TOTP management platform. Generate, manage, and audit one-time passwords from a web dashboard — with a REST API and Slack integration for team use.

#Next.js #TypeScript #PostgreSQL #Auth.js #Open Source

Kaynak Kod Canlı Demo ☕ Kahve Ismarla

Detaylı İnceleme

Screenshots

Screenshot Placeholder 1

Screenshot Placeholder 2

Screenshot Placeholder 3

AuthFlow is a self-hosted TOTP management platform for generating, managing, and auditing one-time passwords — built for both personal use and team workflows.

Deploy it on Vercel with any PostgreSQL database (Supabase-compatible). Authenticate with email, then manage all your TOTP secrets from a clean web dashboard.

Features

Live OTP Dashboard — Add services, view countdown timers, copy codes with a click
REST API — GET /{slug}?key=API_KEY returns JSON or plaintext OTP codes, ready for automation pipelines
Slack Integration — /otp <slug> slash command posts the current code directly to any channel
Request Attribution — Every OTP retrieval logs source (API vs. Slack) and requester identity
Analytics — 7-day usage charts and complete request history per service

Technical Highlights

TOTP Without Dependencies

OTP generation uses the native Web Crypto API (RFC 6238) — no third-party OTP libraries. Secrets are Base32-decoded and fed into HMAC-SHA1 to produce the standard 6-digit codes.

Stack

Framework: Next.js App Router
Auth: Auth.js v5 (credentials provider)
Database: PostgreSQL (postgres driver, Supabase-compatible)
UI: shadcn/ui + Tailwind CSS 4
Deployment: Vercel

API Design

The /{slug} endpoint accepts an Accept header to switch between JSON and plain-text responses, making it easy to pipe OTP codes into shell scripts, CI jobs, or any HTTP-capable tool.