Implementing TOTP in Springboot 3.4.2

Hello everyone, I'm attempting to implement TOTP in my application.

Im reading a lot about it but some questions still remain. I hope you guys can help me xd

Im thinking about using the following library:
https://github.com/BastiaanJansen/otp-java?tab=readme-ov-file

Questions:

1) Should I use this library since its the only library with most recent commits? The others I have found are old(?)

2) How should I keep the secrets?
The readme says:
// Generate a secret (or use your own secret) byte[] secret = SecretGenerator.generate();

Should I encrypt and save this secret for each user in the database?

3) For each time a user logins, I should instantiate the following code? And then use the totp object to validate user code input?

TOTPGenerator totp = new TOTPGenerator.Builder(secret)        .withHOTPGenerator(builder -> {            builder.withPasswordLength(6);            builder.withAlgorithm(HMACAlgorithm.SHA1); // SHA256 and SHA512 are also supported        })        .withPeriod(Duration.ofSeconds(30))        .build();

4) How do I create a QRCode so the user can setup its microsoft authenticator?
I know I can use a library like this one:
https://mvnrepository.com/artifact/io.nayuki/qrcodegen/1.8.0

But how should I build the QRCode?




I really appreciate any help. I have never implemented this before. xd

Consider using this: https://github.com/samdjstevens/java-totp/tree/master/totp-spring-boot-starter

and to answer your question ( 1) Should I use this library since its the only library with most recent commits? The others I have found are old(?) ): No because its a fixed standard, https://datatracker.ietf.org/doc/html/rfc6238 , which will not likely to be changed.

all of other questions and concerns are answered through the library I attached.