auth-verify 1.12.1 → 1.13.0

package/package.json

@@ -8,6 +8,7 @@
     "express": "^5.1.0",
     "ioredis": "^5.8.1",
     "jsonwebtoken": "^9.0.2",
+    "mailage": "^0.0.1",
     "node-telegram-bot-api": "^0.66.0",
     "nodemailer": "^7.0.6",
     "path": "^0.12.7",
@@ -15,7 +16,7 @@
     "uuid": "^9.0.1"
   },
   "name": "auth-verify",
-  "version": "1.12.1",
+  "version": "1.13.0",
   "description": "A simple Node.js library for sending and verifying OTP via email, SMS and Telegram bot. And generating TOTP codes and QR codes. And handling JWT with Cookies. And also handling passwordless logins with passkeys/webauth. And handling magiclink passwordless logins",
   "main": "index.js",
   "scripts": {

package/readme.md

@@ -343,6 +343,18 @@ otp.sender({
   secure: false
 })
 ```
+
+#### Using API
+```js
+otp.sender({
+  via: "email",
+  service: "api",
+  sender: "your_email@gmail.com",
+  apiService: "resend", // "postmark", "sendgrid"
+  apiKey: "your-api-key"
+})
+```
+
 #### SMS sender
 #### 📘 Auth-Verify SMS API — Full Guide
 Auth-Verify supports sending OTPs via SMS using **30+ global SMS providers**.
@@ -1827,4 +1839,4 @@ auth-verify/
 
 Contributions welcome! Open issues / PRs for bugs, improvements, or API suggestions.
 
-MIT © 2025 — Jahongir Sobirov
+MIT © 2025 - 2026 — Jahongir Sobirov

package/src/otp/index.js

@@ -2,6 +2,7 @@ const {generateSecureOTP, resendGeneratedOTP, sendSMS} = require('../helpers/hel
 const Redis = require("ioredis");
 const nodemailer = require("nodemailer");
 const TelegramBot = require("node-telegram-bot-api");
+const { Transport, Resend, SendGrid, Postmark } = require('mailage')
 
 class OTPManager {
     constructor(otpOptions = {}){
@@ -35,6 +36,10 @@ class OTPManager {
             this.senderHost = otpOptions.sender.host;
             this.senderPort = otpOptions.sender.port;
             this.senderSecure = otpOptions.sender.secure;
+            this.senderApiService = otpOptions.sender.api.service;
+            this.senderApiKey = otpOptions.sender.api.key;
+            this.senderApiSecret = otpOptions.sender.api.secret;
+            this.senderApiUrl = otpOptions.sender.api.url;
         }
 
     }
@@ -167,6 +172,44 @@ class OTPManager {
                         maxConnections: 3,
                         maxMessages: 50
                     });
+                }else if(this.senderConfig.service === 'api'){
+                    if(this.senderConfig.apiService === 'sendgrid'){
+                        
+                        (async function(){
+                            const apiMail = new Transport(
+                                new SendGrid({
+                                    apiKey: this.senderConfig.apiKey,
+                                    sender: this.senderConfig.sender
+                                })
+                            )
+
+                            apiMail.send({to,subject,text, html})
+                        })() 
+                    }else if(this.senderConfig.apiService === 'resend'){
+                        (async function() {
+                            const apiMail = new Transport(
+                                new Resend({
+                                    apiKey: this.senderConfig.apiKey,
+                                    sender: this.senderConfig.sender
+                                })
+                            )
+
+                            apiMail.send({to, subject, text, html})
+                        })()
+                    }else if(this.senderConfig.apiService === 'postmark'){
+                        (async function(params) {
+                            const apiMail = new Transport(
+                                new Postmark({
+                                    apiKey: this.senderConfig.apiKey,
+                                    sender: this.senderConfig.sender
+                                })
+                            )
+
+                            apiMail.send({to, subject, text, html})
+                        })()
+                    }else{
+                        throw new Error(`Unsupported email service: ${this.senderConfig.apiService}`);    
+                    }
                 } else {
                     throw new Error(`Unsupported email service: ${this.senderConfig.service}`);
                 }
@@ -547,7 +590,10 @@ class OTPManager {
             }else if(this.senderConfig.via === 'whatsapp'){
                 await this.#sendWhatsApp(reciever, mailOption);
                 return true;
-            }else {
+            }else if(this.senderConfig.via === 'api'){
+                await this.#sendEmailApi(reciever, mailOption);
+                return true;
+            }else{
                 throw new Error("senderConfig.via should be 'email' or 'sms'")
             }
         }
@@ -558,15 +604,15 @@ class OTPManager {
 
     #sendEmail(reciever, mailOption){
         return this.generate(mailOption.otpLen).set(reciever, (err)=>{
-            if(err) throw err
+            if(err) throw err;
 
             this.message({
                 to: reciever,
                 subject: mailOption.subject || "Your OTP code",
                 text: mailOption.text || `Your OTP code is ${this.code}`,
                 html: mailOption.html || `Your OTP code is ${this.code}`
+                });
             });
-        });
     }
 
     #sendSMS(reciever, smsOption){
@@ -590,6 +636,19 @@ class OTPManager {
             });
         });
     }
+
+    #sendEmailApi(reciever, mailOption){
+        return this.generate(mailOption.otpLen).set(reciever, (err)=> {
+            if(err) throw err;
+
+            this.message({
+                to: reciever,
+                subject: mailOption.subject || "Your OTP code",
+                text: mailOption.text || `Your OTP code is ${this.code}`,
+                html: mailOption.html || `Your OTP code is ${this.code}`                 
+            })
+        })
+    }
 }
 
 module.exports = OTPManager;

package/rest-api/index.js

@@ -1,196 +0,0 @@
-const express = require("express");
-const cors = require("cors");
-const AuthVerify = require("../index");
-const path = require("path");
-
-const app = express();
-app.use(cors());
-app.use(express.json());
-app.use(express.static("public"));
-
-const router = express.Router();   // FIXED
-
-const auth = new AuthVerify();
-
-// If user enters any route ("/", "/docs", etc) send homepage
-app.get("/", (req, res) => {
-  res.sendFile(path.join(__dirname, "public/index.html"));
-});
-
-// Generating OTP (just generate code, no sending)
-router.post('/auth/otp/generate/:leng', async (req, res) => {
-    try {
-        let { leng } = req.params;
-        const length = leng ? parseInt(leng) : 6;  // default 6 digits if undefined
-
-        const otp = auth.otp.generate(length);
-
-        return res.json({
-            ok: true,
-            code: otp.code,
-            length
-        });
-    } catch (err) {
-        console.error(err);
-        return res.status(500).json({ ok: false, error: "Failed to generate OTP", message: err.message });
-    }
-});
-
-
-// ----------- Gmail Provider -------------
-router.post('/auth/otp/send/gmail/:to', async (req, res) => {
-    try {
-        const { to } = req.params;
-        const { email, pass, subject, text, html } = req.body.sender || {};
-
-        if (!email || !pass) {
-            return res.status(400).json({ error: "Missing sender email or password" });
-        }
-
-        auth.otp.sender({
-            via: 'email',
-            service: 'gmail',
-            sender: email,
-            pass
-        });
-
-        const info = await auth.otp.send(to, {
-            subject: subject || "Your OTP Code",
-            text: text || "",
-            html: html || ""
-        });
-
-        return res.json({
-            ok: true,
-            provider: "gmail",
-            to
-        });
-
-    } catch (err) {
-        console.error(err);
-        return res.status(500).json({ error: "Failed to send OTP" });
-    }
-});
-
-// ----------- Brevo Provider -------------
-router.post('/auth/otp/send/email/brevo/:to', async (req, res) => {
-    try {
-        const { to } = req.params;
-        const { name, email, subject, text, html, apikey } = req.body.sender || {};
-
-        if (!email || !apikey) {
-            return res.status(400).json({ error: "Missing email or Brevo API key" });
-        }
-
-        const otp = auth.otp.generate(6);
-
-        const payload = {
-            sender: { name: name || "AuthVerify", email },
-            to: [{ email: to }],
-            subject: subject || "Your OTP Code",
-            htmlContent: html || `<b>Your OTP code is: ${otp.code}</b>`,
-            textContent: text || `Your OTP code is: ${otp.code}`
-        };
-
-        const response = await axios.post("https://api.brevo.com/v3/smtp/email", payload, {
-            headers: { "api-key": apikey, "Content-Type": "application/json" }
-        });
-
-        return res.json({ ok: true, provider: "brevo", to, code: otp.code, providerData: response.data });
-    } catch (err) {
-        console.error(err);
-        return res.status(500).json({ error: "Failed to send OTP" });
-    }
-});
-
-router.post('/auth/otp/send/email/sendgrid/:to', async (req, res) => {
-    try {
-        const { to } = req.params;
-        const { apikey, subject, text, html } = req.body.sender || {};
-
-        if (!apikey) return res.status(400).json({ error: "Missing SendGrid API key" });
-
-        const otp = auth.otp.generate(6);
-
-        const payload = {
-            personalizations: [{ to: [{ email: to }] }],
-            from: { email: "no-reply@yourdomain.com", name: "AuthVerify" },
-            subject: subject || "Your OTP Code",
-            content: [
-                { type: "text/plain", value: text || `Your OTP code is: ${otp.code}` },
-                { type: "text/html", value: html || `<b>Your OTP code is: ${otp.code}</b>` }
-            ]
-        };
-
-        const response = await axios.post("https://api.sendgrid.com/v3/mail/send", payload, {
-            headers: { "Authorization": `Bearer ${apikey}`, "Content-Type": "application/json" }
-        });
-
-        return res.json({ ok: true, provider: "sendgrid", to, code: otp.code, providerData: response.data });
-    } catch (err) {
-        console.error(err);
-        return res.status(500).json({ error: "Failed to send OTP via SendGrid" });
-    }
-});
-
-
-// ------ OTP SMS -------
-router.post('/auth/otp/send/sms/:to', async (req, res)=>{
-    try {
-        const { to } = req.params;
-        const { provider, apiKey, apiSecret, sender, text } = req.body.sender || {};
-
-        if(!provider || !apiKey || !apiSecret || !sender) return res.status(400).json({error: "Missing sender provider or apiKey or apiSecret or sender"}); 
-
-        auth.otp.sender({
-            via: 'sms',
-            provider,
-            apiKey,
-            apiSecret,
-            sender
-        });
-
-        const info = await auth.otp.send(to, {text});
-
-        return res.json({
-            ok: true,
-            provider,
-            to
-        });
-    } catch(err){
-        console.error(err);
-        return res.status(500).json({ error: "Failed to send OTP with SMS" });
-    }
-});
-
-// Verify OTP sent by email
-router.post('/auth/otp/verify/:to', async (req, res) => {
-    try {
-        const { to } = req.params;
-        const { otp } = req.body;
-
-        if (!otp) {
-            return res.status(400).json({ success: false, message: "Missing OTP code" });
-        }
-
-        const valid = await auth.otp.verify(to, otp);
-
-        if (valid) {
-            return res.status(200).json({ success: true, message: "OTP verified", to });
-        } else {
-            return res.status(400).json({ success: false, message: "OTP is incorrect", to });
-        }
-
-    } catch (err) {
-        console.error(err);
-        return res.status(500).json({ success: false, message: "Failed to verify OTP", error: err.message });
-    }
-});
-
-
-// mount router
-app.use("/api", router);   // IMPORTANT!!
-
-app.listen(3000, () => {
-    console.log("REST API running on port 3000");
-});

package/rest-api/public/index.html

@@ -1,376 +0,0 @@
-<!DOCTYPE html>
-<html lang="en" data-theme="dark">
-<head>
-  <meta charset="UTF-8" />
-  <meta name="viewport" content="width=device-width, initial-scale=1.0"/>
-  <title>Auth-verify REST API Guide</title>
-
-  <!-- Tailwind + DaisyUI (dark mode) -->
-  <script src="https://cdn.tailwindcss.com"></script>
-  <link href="https://cdn.jsdelivr.net/npm/daisyui@4.12.10/dist/full.min.css" rel="stylesheet" type="text/css" />
-
-  <!-- Highlight.js (Monokai-Sublime) -->
-  <link rel="stylesheet"
-        href="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/styles/monokai-sublime.min.css"/>
-  <script src="https://cdnjs.cloudflare.com/ajax/libs/highlight.js/11.9.0/highlight.min.js"></script>
-  <script>hljs.highlightAll();</script>
-
-  <style>
-    pre code { @apply rounded-lg p-4 overflow-x-auto; }
-    .copy-btn { @apply btn btn-xs btn-ghost absolute top-2 right-2; }
-  </style>
-</head>
-
-<body class="bg-base-100 text-base-content min-h-screen">
-
-  <!-- Header -->
-  <header class="bg-primary text-primary-content py-12">
-    <div class="container mx-auto text-center">
-      <h1 class="text-4xl md:text-5xl font-bold mb-3">Auth-verify REST API Guide</h1>
-      <p class="text-lg opacity-90">
-        Generate, send (Gmail / SMS) and verify OTPs – examples in 6 languages
-      </p>
-    </div>
-  </header>
-
-  <div class="container mx-auto px-4 py-10">
-
-    <!-- Intro -->
-    <section class="prose prose-invert max-w-none mb-12">
-      <h2>Overview</h2>
-      <p>All requests go to <code class="bg-base-300 px-2 py-1 rounded">http://localhost:3000/api</code> (replace with your production URL).</p>
-      <ul class="list-disc pl-6">
-        <li><strong>Generate:</strong> <code>POST /auth/otp/generate/{length}</code></li>
-        <li><strong>Gmail:</strong> <code>POST /auth/otp/send/gmail/{to_email}</code></li>
-        <li><strong>SMS:</strong> <code>POST /auth/otp/send/sms/{to_phone}</code></li>
-        <li><strong>Verify:</strong> <code>POST /auth/otp/verify/{to}</code></li>
-      </ul>
-      <div class="alert alert-info mt-4">
-        <strong>Never</strong> hard-code credentials. Use environment variables (shown in each example).
-      </div>
-    </section>
-
-    <!-- Language Tabs -->
-    <div class="tabs tabs-boxed mb-6">
-      <a class="tab tab-active" data-lang="python">Python</a>
-      <a class="tab" data-lang="php">PHP</a>
-      <a class="tab" data-lang="go">Go</a>
-      <a class="tab" data-lang="java">Java</a>
-      <a class="tab" data-lang="csharp">C#</a>
-      <a class="tab" data-lang="ruby">Ruby</a>
-    </div>
-
-    <!-- Code Panels -->
-    <div id="code-panels" class="space-y-8">
-
-      <!-- ==================== PYTHON ==================== -->
-      <div class="panel" data-lang="python">
-        <h3 class="text-2xl font-semibold mb-3">Python (requests)</h3>
-        <div class="relative">
-          <button class="copy-btn" onclick="copyCode(this)">Copy</button>
-          <pre><code class="language-python">import os
-import requests
-from dotenv import load_dotenv   # pip install python-dotenv
-
-load_dotenv()                     # reads .env file
-BASE_URL = os.getenv("OTP_BASE_URL", "http://localhost:3000/api")
-GMAIL_USER = os.getenv("GMAIL_USER")
-GMAIL_PASS = os.getenv("GMAIL_APP_PASS")
-TEST_EMAIL = os.getenv("TEST_EMAIL")
-
-def generate_otp(length=6):
-    r = requests.post(f"{BASE_URL}/auth/otp/generate/{length}")
-    r.raise_for_status()
-    return r.json()
-
-def send_otp_gmail(to_email, otp):
-    payload = {
-        "sender": {
-            "email": GMAIL_USER,
-            "pass": GMAIL_PASS,
-            "subject": "Your OTP Code",
-            "text": f"Your OTP code is: {otp}",
-            "html": f"&lt;b&gt;Your OTP code is: {otp}&lt;/b&gt;"
-        }
-    }
-    r = requests.post(f"{BASE_URL}/auth/otp/send/gmail/{to_email}", json=payload)
-    r.raise_for_status()
-    return r.json()
-
-def verify_otp(to, otp):
-    r = requests.post(f"{BASE_URL}/auth/otp/verify/{to}", json={"otp": otp})
-    r.raise_for_status()
-    return r.json()
-
-if __name__ == "__main__":
-    otp_data = generate_otp()
-    code = otp_data.get("code")
-    print("OTP:", code)
-
-    send_otp_gmail(TEST_EMAIL, code)
-    # verify_otp(TEST_EMAIL, code)
-</code></pre>
-        </div>
-      </div>
-
-      <!-- ==================== PHP ==================== -->
-      <div class="panel hidden" data-lang="php">
-        <h3 class="text-2xl font-semibold mb-3">PHP (cURL)</h3>
-        <div class="relative">
-          <button class="copy-btn" onclick="copyCode(this)">Copy</button>
-          <pre><code class="language-php">&lt;?php
-putenv('GMAIL_USER=jahongir.nodirovich.2007@gmail.com');
-putenv('GMAIL_APP_PASS=YOUR_APP_PASSWORD');
-putenv('TEST_EMAIL=jahongir.sobirov.2007@mail.ru');
-
-$BASE_URL = getenv('OTP_BASE_URL') ?: 'http://localhost:3000/api';
-
-function post($url, $data = null) {
-    $ch = curl_init($url);
-    curl_setopt_array($ch, [
-        CURLOPT_RETURNTRANSFER => true,
-        CURLOPT_POST => true,
-        CURLOPT_HTTPHEADER => ['Content-Type: application/json'],
-        CURLOPT_POSTFIELDS => $data ? json_encode($data) : null
-    ]);
-    $out = curl_exec($ch);
-    curl_close($ch);
-    return json_decode($out, true);
-}
-
-$otp = post("$BASE_URL/auth/otp/generate/6");
-echo "OTP: " . $otp['code'] . PHP_EOL;
-
-$payload = [
-    "sender" => [
-        "email" => getenv('GMAIL_USER'),
-        "pass"  => getenv('GMAIL_APP_PASS'),
-        "subject"=> "Your OTP Code",
-        "text"  => "Your OTP code is: {$otp['code']}",
-        "html"  => "&lt;b&gt;Your OTP code is: {$otp['code']}&lt;/b&gt;"
-    ]
-];
-post("$BASE_URL/auth/otp/send/gmail/" . getenv('TEST_EMAIL'), $payload);
-</code></pre>
-        </div>
-      </div>
-
-      <!-- ==================== GO ==================== -->
-      <div class="panel hidden" data-lang="go">
-        <h3 class="text-2xl font-semibold mb-3">Go (net/http)</h3>
-        <div class="relative">
-          <button class="copy-btn" onclick="copyCode(this)">Copy</button>
-          <pre><code class="language-go">package main
-
-import (
-	"encoding/json"
-	"fmt"
-	"net/http"
-	"os"
-)
-
-var baseURL = os.Getenv("OTP_BASE_URL")
-if baseURL == "" { baseURL = "http://localhost:3000/api" }
-
-func postJSON(url string, payload interface{}) map[string]interface{} {
-	b, _ := json.Marshal(payload)
-	resp, _ := http.Post(url, "application/json", bytes.NewBuffer(b))
-	defer resp.Body.Close()
-	var out map[string]interface{}
-	json.NewDecoder(resp.Body).Decode(&out)
-	return out
-}
-
-func main() {
-	// 1. Generate
-	otp := postJSON(fmt.Sprintf("%s/auth/otp/generate/6", baseURL), nil)
-	code := otp["code"].(string)
-	fmt.Println("OTP:", code)
-
-	// 2. Gmail
-	gmailPayload := map[string]interface{}{
-		"sender": map[string]string{
-			"email":   os.Getenv("GMAIL_USER"),
-			"pass":    os.Getenv("GMAIL_APP_PASS"),
-			"subject": "Your OTP Code",
-			"text":    fmt.Sprintf("Your OTP code is: %s", code),
-			"html":    fmt.Sprintf("&lt;b&gt;Your OTP code is: %s&lt;/b&gt;", code),
-		},
-	}
-	postJSON(fmt.Sprintf("%s/auth/otp/send/gmail/%s", baseURL, os.Getenv("TEST_EMAIL")), gmailPayload)
-}
-</code></pre>
-        </div>
-      </div>
-
-      <!-- ==================== JAVA ==================== -->
-      <div class="panel hidden" data-lang="java">
-        <h3 class="text-2xl font-semibold mb-3">Java (HttpClient)</h3>
-        <div class="relative">
-          <button class="copy-btn" onclick="copyCode(this)">Copy</button>
-          <pre><code class="language-java">import java.net.URI;
-import java.net.http.*;
-import java.util.Map;
-import com.fasterxml.jackson.databind.ObjectMapper;
-
-public class OTPDemo {
-    private static final String BASE = System.getenv("OTP_BASE_URL") != null ?
-            System.getenv("OTP_BASE_URL") : "http://localhost:3000/api";
-    private static final HttpClient client = HttpClient.newHttpClient();
-    private static final ObjectMapper mapper = new ObjectMapper();
-
-    public static void main(String[] args) throws Exception {
-        // 1. Generate
-        var genReq = HttpRequest.newBuilder()
-                .uri(URI.create(BASE + "/auth/otp/generate/6"))
-                .POST(HttpRequest.BodyPublishers.noBody())
-                .build();
-        var genResp = client.send(genReq, HttpResponse.BodyHandlers.ofString());
-        @SuppressWarnings("unchecked")
-        Map&lt;String,Object&gt; otp = mapper.readValue(genResp.body(), Map.class);
-        String code = (String) otp.get("code");
-        System.out.println("OTP: " + code);
-
-        // 2. Gmail
-        Map&lt;String,Object&gt; sender = Map.of(
-            "email", System.getenv("GMAIL_USER"),
-            "pass",  System.getenv("GMAIL_APP_PASS"),
-            "subject","Your OTP Code",
-            "text", "Your OTP code is: "+code,
-            "html", "&lt;b&gt;Your OTP code is: "+code+"&lt;/b&gt;"
-        );
-        var payload = Map.of("sender", sender);
-        var gmailReq = HttpRequest.newBuilder()
-                .uri(URI.create(BASE + "/auth/otp/send/gmail/" + System.getenv("TEST_EMAIL")))
-                .header("Content-Type","application/json")
-                .POST(HttpRequest.BodyPublishers.ofString(mapper.writeValueAsString(payload)))
-                .build();
-        client.send(gmailReq, HttpResponse.BodyHandlers.ofString());
-    }
-}
-</code></pre>
-        </div>
-      </div>
-
-      <!-- ==================== C# ==================== -->
-      <div class="panel hidden" data-lang="csharp">
-        <h3 class="text-2xl font-semibold mb-3">C# (HttpClient)</h3>
-        <div class="relative">
-          <button class="copy-btn" onclick="copyCode(this)">Copy</button>
-          <pre><code class="language-csharp">using System;
-using System.Net.Http;
-using System.Text;
-using System.Threading.Tasks;
-using Newtonsoft.Json;
-using System.Collections.Generic;
-
-class Program {
-    static readonly HttpClient client = new HttpClient();
-    static readonly string baseUrl = Environment.GetEnvironmentVariable("OTP_BASE_URL") ?? "http://localhost:3000/api";
-
-    static async Task Main() {
-        // 1. Generate
-        var otpResp = await client.PostAsync($"{baseUrl}/auth/otp/generate/6", null);
-        var otpJson = await otpResp.Content.ReadAsStringAsync();
-        dynamic otp = JsonConvert.DeserializeObject(otpJson);
-        string code = otp.code;
-        Console.WriteLine($"OTP: {code}");
-
-        // 2. Gmail
-        var sender = new Dictionary&lt;string, string&gt;{
-            {"email", Environment.GetEnvironmentVariable("GMAIL_USER")},
-            {"pass",  Environment.GetEnvironmentVariable("GMAIL_APP_PASS")},
-            {"subject","Your OTP Code"},
-            {"text", $"Your OTP code is: {code}"},
-            {"html", $"&lt;b&gt;Your OTP code is: {code}&lt;/b&gt;"}
-        };
-        var payload = new { sender };
-        var content = new StringContent(JsonConvert.SerializeObject(payload), Encoding.UTF8, "application/json");
-        await client.PostAsync($"{baseUrl}/auth/otp/send/gmail/{Environment.GetEnvironmentVariable("TEST_EMAIL")}", content);
-    }
-}
-</code></pre>
-        </div>
-      </div>
-
-      <!-- ==================== RUBY ==================== -->
-      <div class="panel hidden" data-lang="ruby">
-        <h3 class="text-2xl font-semibold mb-3">Ruby (net/http)</h3>
-        <div class="relative">
-          <button class="copy-btn" onclick="copyCode(this)">Copy</button>
-          <pre><code class="language-ruby">require 'net/http'
-require 'json'
-require 'uri'
-
-BASE   = ENV['OTP_BASE_URL'] || 'http://localhost:3000/api'
-GMAIL  = ENV['GMAIL_USER']
-PASS   = ENV['GMAIL_APP_PASS']
-EMAIL  = ENV['TEST_EMAIL']
-
-def post(uri, payload = nil)
-  req = Net::HTTP::Post.new(uri)
-  req['Content-Type'] = 'application/json'
-  req.body = payload.to_json if payload
-  Net::HTTP.start(uri.host, uri.port, use_ssl: uri.scheme == 'https') do |http|
-    http.request(req)
-  end
-end
-
-# 1. Generate
-uri = URI("#{BASE}/auth/otp/generate/6")
-otp = JSON.parse(post(uri).body)
-code = otp['code']
-puts "OTP: #{code}"
-
-# 2. Gmail
-payload = {
-  sender: {
-    email: GMAIL,
-    pass: PASS,
-    subject: 'Your OTP Code',
-    text: "Your OTP code is: #{code}",
-    html: "&lt;b&gt;Your OTP code is: #{code}&lt;/b&gt;"
-  }
-}
-post(URI("#{BASE}/auth/otp/send/gmail/#{EMAIL}"), payload)
-</code></pre>
-        </div>
-      </div>
-
-    </div>
-  </div>
-
-  <!-- Footer -->
-  <footer class="footer footer-center p-6 bg-base-300 text-base-content">
-    <div>
-      <p>Auth-verify REST API Guide <span class="font-bold">by <a class="nav-link" href="https://github.com/Jahongir2007">Jahongir Sobirov</a> &copy; 2025</span></p>
-    </div>
-  </footer>
-
-  <!-- JS: tab switching + copy -->
-  <script>
-    // Tab handling
-    document.querySelectorAll('.tab').forEach(tab => {
-      tab.addEventListener('click', () => {
-        document.querySelectorAll('.tab').forEach(t => t.classList.remove('tab-active'));
-        tab.classList.add('tab-active');
-
-        const lang = tab.getAttribute('data-lang');
-        document.querySelectorAll('.panel').forEach(p => {
-          p.classList.toggle('hidden', p.getAttribute('data-lang') !== lang);
-        });
-      });
-    });
-
-    // Copy button
-    function copyCode(btn) {
-      const code = btn.parentElement.querySelector('pre code').innerText;
-      navigator.clipboard.writeText(code).then(() => {
-        const original = btn.innerHTML;
-        btn.innerHTML = 'Copied!';
-        setTimeout(() => btn.innerHTML = original, 1500);
-      });
-    }
-  </script>
-</body>
-</html>