hosseinhezami/totp-authenticator

A PHP library for Time-based One-Time Password (TOTP) authentication

Maintainers

Details

github.com/hosseinhezami/totp-authenticator

Source

Issues

Installs: 35

Dependents: 0

Suggesters: 0

Security: 0

Stars: 2

Watchers: 2

Forks: 0

Open Issues: 0

v1.0.0 2025-09-05 09:48 UTC

Requires

  • php: >=7.4

MIT 2c8cabe0a315ba5901aea90dbe5fe18f9a931727

  • Hossein Hezami <hossein.hezami.woop@gmail.com>

This package is auto-updated.

Last update: 2025-09-26 04:56:55 UTC

README

A PHP library for Time-based One-Time Password (TOTP) authentication, compatible with Google Authenticator and other 2FA apps.

Installation

composer require hosseinhezami/totp-authenticator

Usage

use HosseinHezami\TotpAuthenticator\Authenticator;

// Generate a new secret key
$secret = Authenticator::createSecret();

// Generate a TOTP code
$code = Authenticator::generateCode($secret);

// Verify the code
$isValid = Authenticator::verifyCode($secret, $code);
var_dump($isValid); // true

// Generate a QR code URL for Google Authenticator
$qrCodeUrl = Authenticator::generateQrCodeUrl("user@example.com", $secret, "MyApp");
echo $qrCodeUrl;

Example QR Code URL

https://quickchart.io/qr?text=otpauth://totp/user@example.com?secret=XXXX&issuer=MyApp

Features

  • Generate cryptographically secure secrets
  • Generate TOTP codes (RFC 6238)
  • Verify codes with time drift tolerance
  • Generate QR code URLs for Google Authenticator and similar apps
  • Timing-safe comparison to prevent timing attacks