PHPGangsta/GoogleAuthenticator PHPGangsta/GoogleAuthenticator

Authorization
  • Stars
    star
    2,212
  • Rank 20,002 (Top 0.5 %)
  • Language
    PHP
  • License
    BSD 2-Clause "Sim...
  • Created about 12 years ago
  • Updated 17 days ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
PHPGangsta/GoogleAuthenticator
github

PHPGangsta

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

PHP class to generate and verify Google Authenticator 2-factor authentication

Google Authenticator PHP class

Build Status

This PHP class can be used to interact with the Google Authenticator mobile app for 2-factor-authentication. This class can generate secrets, generate codes, validate codes and present a QR-Code for scanning the secret. It implements TOTP according to RFC6238

For a secure installation you have to make sure that used codes cannot be reused (replay-attack). You also need to limit the number of verifications, to fight against brute-force attacks. For example you could limit the amount of verifications to 10 tries within 10 minutes for one IP address (or IPv6 block). It depends on your environment.

Usage:

See following example:

<?php
require_once 'PHPGangsta/GoogleAuthenticator.php';

$ga = new PHPGangsta_GoogleAuthenticator();
$secret = $ga->createSecret();
echo "Secret is: ".$secret."\n\n";

$qrCodeUrl = $ga->getQRCodeGoogleUrl('Blog', $secret);
echo "Google Charts URL for the QR-Code: ".$qrCodeUrl."\n\n";

$oneCode = $ga->getCode($secret);
echo "Checking Code '$oneCode' and Secret '$secret':\n";

$checkResult = $ga->verifyCode($secret, $oneCode, 2);    // 2 = 2*30sec clock tolerance
if ($checkResult) {
    echo 'OK';
} else {
    echo 'FAILED';
}

Running the script provides the following output:

Secret is: OQB6ZZGYHCPSX4AK

Google Charts URL for the QR-Code: https://www.google.com/chart?chs=200x200&chld=M|0&cht=qr&chl=otpauth://totp/infoATphpgangsta.de%3Fsecret%3DOQB6ZZGYHCPSX4AK

Checking Code '848634' and Secret 'OQB6ZZGYHCPSX4AK':
OK

Installation:

  • Use Composer to install the package

  • From project root directory execute following

composer install

  • Composer will take care of autoloading the library. Just include the following at the top of your file

    require_once __DIR__ . '/../vendor/autoload.php';

Run Tests:

  • All tests are inside tests folder.
  • Execute composer install and then run the tests from project root directory
  • Run as phpunit tests from the project root directory

ToDo:

  • ??? What do you need?

Notes:

If you like this script or have some features to add: contact me, visit my blog, fork this project, send pull requests, you know how it works.

More Repositories

1

WakeOnLAN

PHP class to create and send a magic packet to wake up a computer via Wake-On-LAN
PHP
56
star
2

FileWatcher

This PHP class detects file changes and sends alarms. Useful for detecting hackers changing website files.
PHP
42
star
3

WebsiteToImage

This small PHP class takes an URL and puts a screenshot to a file.
PHP
40
star
4

AnimatedCaptcha

This PHP class makes it easy to create animated GIFs, especially CAPTCHAs
PHP
25
star
5

SevenZipArchive

This PHP class makes it easy to handle archives with the command line version of 7-Zip
PHP
23
star
6

PHP-NCurses-Example

A simple php ncurses admin tool example
PHP
14
star
7

PayPal-IPN

PHP class to process PayPal Instant Payment Notifications (IPN)
PHP
11
star
8

RemovePHPEndTags

PHP class to remove PHP end tags of files in a directory recursively
PHP
9
star
9

Sesame

Demo files to show Googles "sesame" method.
PHP
9
star
10

MailNotifierWebfrontend

Small web interface for the mail notifier usb gadget
PHP
4
star
11

ID3Reader

http://www.phpgangsta.de/moglichkeiten-id3-informationen-aus-mp3s-auszulesen
PHP
4
star
12

String-Handiness

PHP script to calculate the handiness of a string
PHP
3
star
13

StringsInString

PHP script to calculate positions of strings in a long string
PHP
2
star
14

HstsCheck

PHP crawler to check Alexa Top 1M for HSTS header http://www.phpgangsta.de/hsts-http-strict-transport-security-hasts-schon
JavaScript
2
star
15

ImageLabeler

This PHP class adds text to an image, for example copyright information.
PHP
2
star
16

Array-conversion-script

Shorten the integer values of an array
PHP
2
star
17

RandomDiscreteGaussianNumbers

Little helper function to get a random number from a range, but not normal distributed, but gauss distributed
PHP
1
star
18

Four-In-A-Line-PHP-Client

http://phpgangsta.de/2295
PHP
1
star
19

streamwrapper

Experimental proxy object to allow dependency injection into PHP streamwrappers.
PHP
1
star