lorddashme/php-two-factor-auth

A PHP library for RFC 4226 and RFC 6238.

Maintainers

Details

github.com/LordDashMe/php-two-factor-auth

Source

Issues

Installs: 13

Dependents: 0

Suggesters: 0

Security: 0

Stars: 3

Watchers: 3

Forks: 1

Open Issues: 0

1.0.2 2020-05-19 06:04 UTC

Requires

  • php: >=5.3 || >=5.4 || >=5.6 || >=7.0 || >=7.1 || >=7.2

Requires (Dev)

MIT fedd74cc321db378a015917f780b63215e1cb4ff

Authenticationotphotptotprfc4226rfc6238two-way-authentication

This package is auto-updated.

Last update: 2024-10-30 02:04:59 UTC

README

A PHP library for RFC 4226 and RFC 6238.

Latest Stable Version Minimum PHP Version Coverage Status

Requirement(s)

  • PHP version from 5.6.* up to latest.

Install

  • Recommended to install using Composer. Use the command below to install the package:
composer require lorddashme/php-two-factor-auth

Usage

HOTP

  • To generate HMAC-based One-Time Password algorithm:
<?php

require __DIR__  . '/vendor/autoload.php';

use LordDashMe\TwoFactorAuth\RFC4226\HOTP;
use LordDashMe\TwoFactorAuth\Utility\Base32;

$secret = Base32::encode('P@ssw0rd!');

$hotp = new HOTP($secret);

$hotp->setLength(6)
     ->setAlgorithm('sha1')
     ->prepare()
     ->generate();

echo $hotp->get(); // 444555
  • To verify the generated HOTP:
<?php

require __DIR__  . '/vendor/autoload.php';

use LordDashMe\TwoFactorAuth\RFC4226\HOTP;
use LordDashMe\TwoFactorAuth\Utility\Base32;

$secret = Base32::encode('P@ssw0rd!');

$hotp = new HOTP($secret);

$hotp->setLength(6)
     ->setAlgorithm('sha1')
     ->prepare();

echo $hotp->verify('444555'); // true

TOTP

  • To generate Time-Based One-Time Password algorithm:
<?php

require __DIR__  . '/vendor/autoload.php';

use LordDashMe\TwoFactorAuth\RFC6238\TOTP;
use LordDashMe\TwoFactorAuth\Utility\Base32;

$secret = Base32::encode('P@ssw0rd!');

$totp = new TOTP($secret);

$totp->setTimeZone('Asia/Manila')
     ->setTimeRemainingInSeconds(30)
     ->setTimeAdjustments(10)
     ->setLength(6)
     ->setAlgorithm('sha1')
     ->prepare()
     ->generate();

echo $totp->get(); // 552344
  • To verify the generated TOTP:
<?php

require __DIR__  . '/vendor/autoload.php';

use LordDashMe\TwoFactorAuth\RFC6238\TOTP;
use LordDashMe\TwoFactorAuth\Utility\Base32;

$secret = Base32::encode('P@ssw0rd!');

$totp = new TOTP($secret);

$totp->setTimeZone('Asia/Manila')
     ->setTimeRemainingInSeconds(30)
     ->setTimeAdjustments(10)
     ->setLength(6)
     ->setAlgorithm('sha1')
     ->prepare();

echo $totp->verify('552344'); // true

Google Authenticator Barcode Generation

  • To generate a barcode image that will use by the Google Authenticator mobile app:
<?php

require __DIR__  . '/vendor/autoload.php';

use LordDashMe\TwoFactorAuth\Utility\Base32;
use LordDashMe\TwoFactorAuth\GoogleAuthenticator\BarcodeURL;
use LordDashMe\TwoFactorAuth\GoogleAuthenticator\TOTPFormat;

$secret = Base32::encode('P@ssw0rd!');
$accountUser = 'reyesjoshuaclifford@gmail.com';
$issuer = 'TwoFactorAuth';
$digits = 6;
$period = 30;
$algorithm = 'sha1';

$format = new TOTPFormat($period);

$barcodeURL = new BarcodeURL($secret, $accountUser, $issuer, $format);

$barcodeURL->setAlgorithm($algorithm) // sha1 (Default), sha256, sha512
           ->setDigits($digits)
           ->build();

echo $barcodeURL->get(); // https://chart.googleapis.com/chart?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/TwoFactorAuth:reyesjoshuaclifford@gmail.com?secret=KBAHG43XGBZGIII&algorithm=SHA1&digits=6&period=30&issuer=TwoFactorAuth

Other Reference

License

This package is open-sourced software licensed under the MIT license.