@perseidesjs/auth-otp enables OTP (One-Time Password) authentication in your Medusa applications, enhancing security and providing an alternative to traditional password-based authentication.

Prerequisites

Before using the plugin, ensure you have:
  • Medusa v2.3.0 or later (plugins were introduced in this version)
  • A Medusa application already set up and running

Understanding Auth-OTP

Traditional password-based authentication has several limitations:
  • Users forget passwords
  • Password reuse leads to security vulnerabilities
  • Account recovery processes can be cumbersome
OTP authentication generates a unique, time-limited code for each authentication attempt. This plugin implements OTP functionality through well-defined workflows within the Medusa framework, enabling passwordless authentication flows.

Installation

We can now install the plugin: 
yarn add @perseidesjs/auth-otp
Add the plugin to your Medusa application in the medusa-config.ts file: 
import { loadEnv, defineConfig } from '@medusajs/framework/utils'

loadEnv(process.env.NODE_ENV || 'development', process.cwd())

module.exports = defineConfig({
  plugins: [
    {
      resolve: "@perseidesjs/auth-otp",
      options: {}
    }
  ],
  // ... other configuration
})

Next Steps

Ready to use the plugin? Let’s dive into the “Basic usage”.