battlerattle / doorman
RFC compliant Two Factor Authentication for Time-Based One-Time Password and HMAC-Based One-Time Password algorithm with support for Google Authenticator
Requires
- php: ^7.0
Requires (Dev)
- phpunit/phpunit: ^6.3
This package is not auto-updated.
Last update: 2020-08-21 17:44:09 UTC
README
Doorman is an RFC-compliant implementation of the TOTP (Time-Based One-Time Password, RFC 6238) algorithm, which is commonly used for Two Factor Authentication.
A wrapper for the Google Authenticator, a key manager and code generator that can be downloaded for free, is also available. It also works with other third-party code generators that use the TOTP algorithm.
Requirements
You need at least a 64-bit version of PHP 5.4 or HHVM.
Installation via Composer
Use Composer CLI:
php composer.phar require battlerattle/doorman:1.0.*@dev
Or add battlerattle/doorman to your composer.json:

    "require": {
        "battlerattle/doorman": "1.0.*@dev"
    },
Usage
This is a pretty basic example:

    use BattleRattle\Doorman\Authentication\TimeBasedAuthenticator;

    // get the code from user input
    $code = '...';

    // the user's secret key
    $key = '...';

    $authenticator = new TimeBasedAuthenticator();
    $result = $authenticator->authenticate($key, $code);

    if ($result) {
        echo 'Welcome, you successfully logged in';
    } else {
        echo 'Nope, please try again';
    }
Google Authenticator
In this example we use the Google Authenticator, which uses base32-encoded keys that are decoded internally.
    use BattleRattle\Doorman\Authentication\GoogleAuthenticator;

    $code = '...';
    $key = '...';

    $authenticator = new GoogleAuthenticator();
    $result = $authenticator->authenticate($key, $code);

    if ($result) {
        echo 'Welcome, you successfully logged in';
    } else {
        echo 'Nope, please try again';
    }
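What a check of this kind involves, shown as an added stand-alone example that is not Doorman's own code: base32-decode the key, compute the RFC 6238 code for each time step in a small window, and compare in constant time. The function names, the ±1 step window and the 30-second step are assumptions made for illustration, and 64-bit PHP 7 or later is assumed.

```php
<?php
declare(strict_types=1);

// Decode an RFC 4648 base32 key (spaces and '=' padding are ignored).
function base32Decode(string $b32): string
{
    $b32 = strtoupper(str_replace([' ', '='], '', $b32));
    $bits = '';
    for ($i = 0; $i < strlen($b32); $i++) {
        $pos = strpos('ABCDEFGHIJKLMNOPQRSTUVWXYZ234567', $b32[$i]);
        if ($pos === false) {
            throw new InvalidArgumentException('invalid base32 character');
        }
        $bits .= str_pad(decbin($pos), 5, '0', STR_PAD_LEFT);
    }
    $bytes = '';
    for ($i = 0; $i + 8 <= strlen($bits); $i += 8) { // leftover bits are padding
        $bytes .= chr(bindec(substr($bits, $i, 8)));
    }
    return $bytes;
}

// HOTP (RFC 4226): HMAC-SHA1 over the 8-byte big-endian counter, then dynamic truncation.
function hotp(string $key, int $counter, int $digits = 6): string
{
    $hash = hash_hmac('sha1', pack('J', $counter), $key, true);
    $offset = ord($hash[19]) & 0x0F;
    $value = unpack('N', substr($hash, $offset, 4))[1] & 0x7FFFFFFF;
    return str_pad((string) ($value % 10 ** $digits), $digits, '0', STR_PAD_LEFT);
}

// TOTP (RFC 6238): the counter is floor(time / step); allow $window steps of clock drift.
function verifyTotp(string $base32Key, string $code, int $now, int $window = 1, int $step = 30): bool
{
    $key = base32Decode($base32Key);
    $valid = false;
    for ($i = -$window; $i <= $window; $i++) {
        // hash_equals is constant-time; every step is checked, with no early exit.
        $valid = hash_equals(hotp($key, intdiv($now, $step) + $i), $code) || $valid;
    }
    return $valid;
}

// Constructed sample: base32 of the RFC 6238 test secret "12345678901234567890".
$key = 'GEZD GNBV GY3T QOJQ GEZD GNBV GY3T QOJQ';
$now = 59;
$code = hotp(base32Decode($key), intdiv($now, 30));
var_dump(verifyTotp($key, $code, $now));      // same time step
var_dump(verifyTotp($key, $code, $now + 30)); // one step later, inside the window
var_dump(verifyTotp($key, $code, $now + 90)); // three steps later, outside the window
```

RFC 6238 also requires that a code not be accepted a second time after a successful validation, so a production verifier records the last accepted time step per user and rate-limits failed attempts.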
Key Generator
This generator creates "Google Authenticator"-compliant keys:
    use BattleRattle\Doorman\KeyGeneration\GoogleAuthKeyGenerator;

    $keyGenerator = new GoogleAuthKeyGenerator;
    $key = $keyGenerator->generateKey();

    // it's good practice to split the key into chunks of 4 characters for better readability
    $formattedKey = implode(' ', str_split($key, 4));

    echo 'Add this key to your authenticator: ' . $formattedKey;
References
- Better Security with Two Factor Authentication - presentation about functionality of Two Factor Authentication
- RFC 6238 - official description of the "Time-Based One-Time Password" algorithm
- Google Authenticator - authenticator for Android / iPhone / BlackBerry
- Duo Mobile - authenticator for Android / iPhone