googleauthenticator's Introduction

Google Authenticator (TOTP)

English | 中文

This is a fork of https://github.com/PHPGangsta/GoogleAuthenticator with the following changes:

Uses https://github.com/endroid/qr-code to generate QR code data URIs
No longer generates Google's Chart API to make QR code links
Uses namespacing
Augmented test coverage to 100%
Bumped minimum PHP version to 8.1

Original License:

Copyright (c) 2012-2016, http://www.phpgangsta.de
Author: Michael Kliewe, @PHPGangsta and contributors
Licensed under the BSD License.

Description:

This PHP class can be used to interact with the Google Authenticator mobile app for 2-factor-authentication. This class can generate secrets, generate codes, validate codes and present a QR-Code for scanning the secret. It implements TOTP according to RFC6238

For a secure installation you have to make sure that used codes cannot be reused (replay-attack). You also need to limit the number of verifications, to fight against brute-force attacks. For example you could limit the amount of verifications to 10 tries within 10 minutes for one IP address (or IPv6 block). It depends on your environment.

Usage:

See following example:

<?php
require_once 'vendor/autoload.php';

use Vectorface\GoogleAuthenticator;

$ga = new GoogleAuthenticator();
$secret = $ga->createSecret();
echo "Secret is: {$secret}\n\n";

$qrCodeUrl = $ga->getQRCodeUrl('Admin', $secret, 'Blog');
echo "PNG Data URI for the QR-Code: {$qrCodeUrl}\n\n";

$oneCode = $ga->getCode($secret);
echo "Checking Code '$oneCode' and Secret '$secret':\n";

// 2 = 2*30sec clock tolerance
$checkResult = $ga->verifyCode($secret, $oneCode, 2);
if ($checkResult) {
    echo 'OK';
} else {
    echo 'FAILED';
}

Running the script provides output similar to:

Secret is: OQB6ZZGYHCPSX4AK

PNG Data URI for the QR-Code: data:image/png;base64,iVBORw0KGgoAAAANSUhEUgAAARgAAAEYCAIAAAAI[snipped]

Checking Code '848634' and Secret 'OQB6ZZGYHCPSX4AK':
OK

Installation:

Use Composer to install the package

composer require vectorface/googleauthenticator

Run Tests:

All tests are inside tests folder.
Execute composer install to prepare your environment.
Run composer test from the project root directory.

googleauthenticator's People

Contributors

Stargazers

Watchers

googleauthenticator's Issues

Allways return false ?

Hi I am tring to get this working, but it allways return false, also then the code is right, is it a bug or something?

` $data = $this->validate($request, [
'otp' => ['nullable', 'integer',],
]);

    $ga = new GoogleAuthenticator();

    // 2 = 2*30sec clock tolerance
    $checkResult = $ga->verifyCode("TJRMM4M6HOOKRV2R", $data['otp'], 2);
    echo $data['otp'];
    dd($checkResult);
    if ($checkResult) {
        echo 'OK';
    } else {
        echo 'FAILED';
    }`

Recommend Projects

vectorface / googleauthenticator Goto Github PK

googleauthenticator's Introduction

Google Authenticator (TOTP)

Original License:

Description:

Usage:

Installation:

Run Tests:

googleauthenticator's People

Contributors

Stargazers

Watchers

Forkers

googleauthenticator's Issues

Allways return false ?

Recommend Projects

React

Vue.js

Typescript

TensorFlow

Django

Laravel

D3

Recommend Topics

javascript

web

server

Machine learning

Visualization

Game

Recommend Org

Facebook

Microsoft

Google

Alibaba

D3

Tencent