0

GoogleAuthenticator

PHP class to generate and verify Google Authenticator 2-factor authentication

Official Site
Github repo
Main metrics
  • Owner: PHPGangsta/GoogleAuthenticator
  • Platform:
  • License:: BSD 2-Clause "Simplified" License
  • Category::
  • Topic:
  • Like:
    0
      Compare:

Github stars Tracking Chart

Google Authenticator PHP class

Build Status

This PHP class can be used to interact with the Google Authenticator mobile app for 2-factor-authentication. This class
can generate secrets, generate codes, validate codes and present a QR-Code for scanning the secret. It implements TOTP
according to RFC6238

For a secure installation you have to make sure that used codes cannot be reused (replay-attack). You also need to
limit the number of verifications, to fight against brute-force attacks. For example you could limit the amount of
verifications to 10 tries within 10 minutes for one IP address (or IPv6 block). It depends on your environment.

Usage:

See following example:

<?php
require_once 'PHPGangsta/GoogleAuthenticator.php';

$ga = new PHPGangsta_GoogleAuthenticator();
$secret = $ga->createSecret();
echo "Secret is: ".$secret."\n\n";

$qrCodeUrl = $ga->getQRCodeGoogleUrl('Blog', $secret);
echo "Google Charts URL for the QR-Code: ".$qrCodeUrl."\n\n";

$oneCode = $ga->getCode($secret);
echo "Checking Code '$oneCode' and Secret '$secret':\n";

$checkResult = $ga->verifyCode($secret, $oneCode, 2);    // 2 = 2*30sec clock tolerance
if ($checkResult) {
    echo 'OK';
} else {
    echo 'FAILED';
}

Running the script provides the following output:

Secret is: OQB6ZZGYHCPSX4AK

Google Charts URL for the QR-Code: https://www.google.com/chart?chs=200x200&chld=M, 0&cht=qr&chl=otpauth://totp/infoATphpgangsta.de%3Fsecret%3DOQB6ZZGYHCPSX4AK

Checking Code '848634' and Secret 'OQB6ZZGYHCPSX4AK':
OK

Installation:

  • Use Composer to
    install the package

  • From project root directory execute following

composer install

  • Composer will take care of autoloading
    the library. Just include the following at the top of your file

    require_once __DIR__ . '/../vendor/autoload.php';

Run Tests:

  • All tests are inside tests folder.
  • Execute composer install and then run the tests from project root
    directory
  • Run as phpunit tests from the project root directory

ToDo:

  • ??? What do you need?

Notes:

If you like this script or have some features to add: contact me, visit my blog, fork this project, send pull requests, you know how it works.

Main metrics

Overview
Name With OwnerPHPGangsta/GoogleAuthenticator
Primary LanguagePHP
Program languagePHP (Language Count: 1)
Platform
License:BSD 2-Clause "Simplified" License
所有者活动
Created At2012-03-11 23:12:04
Pushed At2024-04-30 12:57:04
Last Commit At2019-03-20 01:55:58
Release Count1
Last Release Namev1.0.1 (Posted on )
First Release Namev1.0.1 (Posted on )
用户参与
Stargazers Count2.3k
Watchers Count129
Fork Count707
Commits Count63
Has Issues Enabled
Issues Count76
Issue Open Count47
Pull Requests Count15
Pull Requests Open Count13
Pull Requests Close Count8
项目设置
Has Wiki Enabled
Is Archived
Is Fork
Is Locked
Is Mirror
Is Private