The string you have to encode is:
otpauth://totp/ApplicationName?secret= + key.base32
ApplicationName
is the name of your application that you want to have displayed in Google Authenticator.
Your implementation would look something like this:
var key = speakeasy.generate_key( {length : 20} );
qrcode.generate( "otpauth://totp/foo?secret=" + key.base32, function( qrcode ) {
console.log( qrcode );
} );
There's also official documentation available on the format.