Email Verification using OTP in NodeJS 

Spread the love

Email verification using OTP (One-Time Password) is an important step in ensuring the security of your application. In this guide, we will walk through the process of setting up email verification using OTP in NodeJS. To implement email verification using OTP (One-Time Password) in NodeJS, you can follow these steps:


  • First, you need to install the required dependencies. You can do this by running the following command in your terminal:


npm install express nodemailer speakeasy qrcode

This will install Express, Nodemailer, Speakeasy, and QRcode packages.


  • Next, you need to create an Express server. You can do this by creating a new file named server.js and adding the following code:


const express = require(‘express’);

const bodyParser = require(‘body-parser’);

const nodemailer = require(‘nodemailer’);

const speakeasy = require(‘speakeasy’);

const qrcode = require(‘qrcode’);

const app = express();

// parse incoming requests app.use(bodyParser.json()); app.use(bodyParser.urlencoded({ extended: false }));

// setup email transporter

const transporter = nodemailer.createTransport({

   service: ‘gmail’,

   auth: {

       user: ‘<your-email>’,

       pass: ‘<your-password>’



// generate OTP function generateOTP() { const secret = speakeasy.generateSecret({ length: 20 });

const otp = speakeasy.totp({

   secret: secret.base32,

   encoding: ‘base32’


const qrCodeUrl = qrcode.toDataURL(secret.otpauth_url);

return {

   secret: secret,

   otp: otp,

   qrCodeUrl: qrCodeUrl



// send verification email function sendVerificationEmail(email, otp)


   const mailOptions = {

       from: ‘<your-email>’,

       to: email,

       subject: ‘Email Verification’,

       html: ` <p>Your verification code is ${otp}</p> `


   return transporter.sendMail(mailOptions);


// handle email verification request‘/verify-email’, (req, res) => {

   const email =;

   const otp = generateOTP();

   sendVerificationEmail(email, otp.otp).then(() => {


           message: ‘Verification email sent successfully!’,

           qrCodeUrl: otp.qrCodeUrl


   }).catch(error => {



           message: ‘Failed to send verification email!’



}); // start server app.listen(3000, () => { console.log(‘Server started on port 3000!’); });


  • In the code above, we have defined a few functions. The generateOTP() function generates a secret key and an OTP using the Speakeasy package. We then generate a QR code for this secret key using the QRcode package. The sendVerificationEmail() function sends an email to the specified email address with the OTP. Finally, we define a route /verifyemail that takes an email address and sends a verification email to it.


  • To test this, you can send a POST request to http://localhost:3000/verify-email with the following JSON payload:

{ “email”: “” }


  • This will send a verification email to the specified email address with an OTP and a QR code. You can then ask the user to enter the OTP to verify their email address.


Note: In the code above, we have used Gmail as the email service provider. If you are using a different provider, you will need to change the service and `auth



Leave a Reply

Your email address will not be published. Required fields are marked *