xruff/totpauth

Nette extension for Time-Based One-Time Password Algorithm

v2.0.1 2020-05-28 21:58 UTC



README

Nette extension for Time-Based One-Time Password Algorithm

Requirements

Package requires PHP 7.0 or higher

Installation

The best way to install XRuff/TotpAuth is using Composer:

$ composer require xruff/totpAuth

Scenario

  • a logged-in user activates 2FA in the account settings;
  • on the next login to your application:
    • the user logs in the standard way (login + password...) and then sees a second login page with a one-field form
    • the user enters the code from the Authenticator mobile application
    • the user passes through if the provided code is right

Documentation

Assumptions:

  • create the table qr in the database, using the schema from the file sql/qr.sql
  • $user->identity has to contain the properties id and username

Configuration in config.neon.

extensions:
    totpAuth: XRuff\TotpAuth\DI\TotpAuthExtension

totpAuth:
    issuer: NameOfMyApp  # mandatory
    identityKey: login   # optional, default is 'login', e.g. $user->identity->login
    timeWindow: 1        # optional - time tolerance
    codeSize: '300x300'  # optional - size of the generated QR code

Presenter:

use XRuff\TotpAuth\Auth;
use Nette\Application\UI;

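class HomepagePresenter extends UI\Presenter
{
    /**
     * TOTP service supplied by the DI container (registered by the totpAuth extension).
     *
     * @var Auth
     */
    public $auth;

    public function __construct(Auth $auth)
    {
        $this->auth = $auth;
    }

    /**
     * Exposes the provisioning QR code to the template, which uses it as the
     * <img> src; when it is empty the template shows the code form instead.
     */
    public function renderDefault()
    {
        $this->template->qrCode = $this->auth->getQrBase64();
    }

    /**
     * Signal handler for "saveUrl!": delegates to Auth::saveSecret() and
     * reloads the current page.
     */
    public function handleSaveUrl()
    {
        $this->auth->saveSecret();
        $this->redirect('this');
    }

    /**
     * Signal handler for "resetUrl!": delegates to Auth::resetSecret() and
     * reloads the current page.
     */
    public function handleResetUrl()
    {
        $this->auth->resetSecret();
        $this->redirect('this');
    }

    /**
     * Single-field form for entering the code from the authenticator app.
     *
     * @return UI\Form
     */
    protected function createComponentCodeForm()
    {
        $form = new UI\Form();
        $form->addText('code', 'Code');
        $form->addSubmit('submit', 'Auth me');
        $form->onSuccess[] = [$this, 'codeFormSucceeded'];
        return $form;
    }

    /**
     * Checks the submitted code with Auth::verify().
     *
     * This example only reports the outcome through a flash message; it does
     * not record a successful check anywhere, so the application must still
     * persist that state itself (e.g. in the session) and gate protected
     * pages on it.
     *
     * @param UI\Form $form   the form built in createComponentCodeForm()
     * @param mixed   $values submitted values; 'code' is the text field above
     */
    public function codeFormSucceeded(UI\Form $form, $values)
    {
        $message = $this->auth->verify($values->code) ? 'Success!' : 'Wrong code.';
        $this->flashMessage($message);
        $this->redirect('this');
    }
}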

default.latte:

    ...
    {if $qrCode}
        <img src="{$qrCode|nocheck}" alt="">
        <br>
        <a n:href="saveUrl!" class="btn btn-success">Confirm Code (have been added to Mobile Authenticator App)</a>
    {else}
        {control codeForm}
        <a n:href="resetUrl!" class="btn btn-success">Reset auth code</a>
    {/if}
    ...

Repository https://github.com/XRuff/TotpAuth.