• Stars
    star
    2,253
  • Rank 20,441 (Top 0.5 %)
  • Language
    PHP
  • License
    BSD 2-Clause "Sim...
  • Created almost 13 years ago
  • Updated 8 months ago

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

PHP class to generate and verify Google Authenticator 2-factor authentication

Google Authenticator PHP class

Build Status

This PHP class can be used to interact with the Google Authenticator mobile app for 2-factor-authentication. This class can generate secrets, generate codes, validate codes and present a QR-Code for scanning the secret. It implements TOTP according to RFC6238

For a secure installation you have to make sure that used codes cannot be reused (replay-attack). You also need to limit the number of verifications, to fight against brute-force attacks. For example you could limit the amount of verifications to 10 tries within 10 minutes for one IP address (or IPv6 block). It depends on your environment.

Usage:

See following example:

<?php
require_once 'PHPGangsta/GoogleAuthenticator.php';

$ga = new PHPGangsta_GoogleAuthenticator();
$secret = $ga->createSecret();
echo "Secret is: ".$secret."\n\n";

$qrCodeUrl = $ga->getQRCodeGoogleUrl('Blog', $secret);
echo "Google Charts URL for the QR-Code: ".$qrCodeUrl."\n\n";

$oneCode = $ga->getCode($secret);
echo "Checking Code '$oneCode' and Secret '$secret':\n";

$checkResult = $ga->verifyCode($secret, $oneCode, 2);    // 2 = 2*30sec clock tolerance
if ($checkResult) {
    echo 'OK';
} else {
    echo 'FAILED';
}

Running the script provides the following output:

Secret is: OQB6ZZGYHCPSX4AK

Google Charts URL for the QR-Code: https://www.google.com/chart?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/infoATphpgangsta.de%3Fsecret%3DOQB6ZZGYHCPSX4AK

Checking Code '848634' and Secret 'OQB6ZZGYHCPSX4AK':
OK

Installation:

  • Use Composer to install the package

  • From project root directory execute following

composer install

  • Composer will take care of autoloading the library. Just include the following at the top of your file

    require_once __DIR__ . '/../vendor/autoload.php';

Run Tests:

  • All tests are inside tests folder.
  • Execute composer install and then run the tests from project root directory
  • Run as phpunit tests from the project root directory

ToDo:

  • ??? What do you need?

Notes:

If you like this script or have some features to add: contact me, visit my blog, fork this project, send pull requests, you know how it works.

More Repositories

1

WakeOnLAN

PHP class to create and send a magic packet to wake up a computer via Wake-On-LAN
PHP
58
star
2

FileWatcher

This PHP class detects file changes and sends alarms. Useful for detecting hackers changing website files.
PHP
43
star
3

WebsiteToImage

This small PHP class takes an URL and puts a screenshot to a file.
PHP
40
star
4

AnimatedCaptcha

This PHP class makes it easy to create animated GIFs, especially CAPTCHAs
PHP
26
star
5

SevenZipArchive

This PHP class makes it easy to handle archives with the command line version of 7-Zip
PHP
23
star
6

PHP-NCurses-Example

A simple php ncurses admin tool example
PHP
14
star
7

PayPal-IPN

PHP class to process PayPal Instant Payment Notifications (IPN)
PHP
11
star
8

RemovePHPEndTags

PHP class to remove PHP end tags of files in a directory recursively
PHP
9
star
9

Sesame

Demo files to show Googles "sesame" method.
PHP
9
star
10

MailNotifierWebfrontend

Small web interface for the mail notifier usb gadget
PHP
4
star
11

ID3Reader

http://www.phpgangsta.de/moglichkeiten-id3-informationen-aus-mp3s-auszulesen
PHP
4
star
12

String-Handiness

PHP script to calculate the handiness of a string
PHP
3
star
13

StringsInString

PHP script to calculate positions of strings in a long string
PHP
2
star
14

HstsCheck

PHP crawler to check Alexa Top 1M for HSTS header http://www.phpgangsta.de/hsts-http-strict-transport-security-hasts-schon
JavaScript
2
star
15

ImageLabeler

This PHP class adds text to an image, for example copyright information.
PHP
2
star
16

Array-conversion-script

Shorten the integer values of an array
PHP
2
star
17

RandomDiscreteGaussianNumbers

Little helper function to get a random number from a range, but not normal distributed, but gauss distributed
PHP
1
star
18

Four-In-A-Line-PHP-Client

http://phpgangsta.de/2295
PHP
1
star
19

streamwrapper

Experimental proxy object to allow dependency injection into PHP streamwrappers.
PHP
1
star