Skip to content

s3b4stian/GoogleAuthenticator

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

64 Commits

src

src

 
 

tests

tests

 
 

.gitignore

.gitignore

 
 

.scrutinizer.yml

.scrutinizer.yml

 
 

.styleci.yml

.styleci.yml

 
 

.travis.yml

.travis.yml

 
 

CHANGELOG.md

CHANGELOG.md

 
 

LICENSE.md

LICENSE.md

 
 

README.md

README.md

 
 

composer.json

composer.json

 
 

phpunit.xml

phpunit.xml

 
 

Repository files navigation

Google Authenticator PHP class

Build Status Scrutinizer Code Quality Code Coverage StyleCI PDS Skeleton PHP 7.1

This PHP class can be used to interact with the Google Authenticator mobile app for 2-factor-authentication. This class can generate secrets, generate codes, validate codes and present a QR-Code for scanning the secret. It implements TOTP according to RFC6238

For a secure installation you have to make sure that used codes cannot be reused (replay-attack). You also need to limit the number of verifications, to fight against brute-force attacks. For example you could limit the amount of verifications to 10 tries within 10 minutes for one IP address (or IPv6 block). It depends on your environment.

Differences with the original branch:

  • PHP 7.1 support
  • Strict type checking
  • php-pds/skeleton compliant
  • namespaces added for library and tests
  • Google QR code url removed beacause Google QR api are deprecated

Usage:

See following example:

<?php
include '../GoogleAuthenticator/vendor/autoload.php';

use PHPGangsta\GoogleAuthenticator;

$ga = new GoogleAuthenticator();
$secret = $ga->createSecret();
echo "Secret is: ".$secret."\n\n";

$oneCode = $ga->getCode($secret);
echo "Checking Code '$oneCode' and Secret '$secret':\n";

$checkResult = $ga->verifyCode($secret, $oneCode, 2);    // 2 = 2*30sec clock tolerance
if ($checkResult) {
    echo 'OK';
} else {
    echo 'FAILED';
}

Running the script provides the following output:

Secret is: OQB6ZZGYHCPSX4AK

Checking Code '848634' and Secret 'OQB6ZZGYHCPSX4AK':
OK

Installation:

  • Use Composer to install the package

  • From project root directory execute following

composer install

  • Composer will take care of autoloading the library. Just include the following at the top of your file

    require_once __DIR__ . '/../vendor/autoload.php';

Run Tests:

  • All tests are inside tests folder.
  • Execute composer install and then run the tests from project root directory
  • Run phpunit from the project root directory

Notes:

If you like this script or have some features to add: contact me, visit my blog, fork this project, send pull requests, you know how it works.

About

PHP class to generate and verify Google Authenticator 2-factor authentication

phpgangsta.de/4376

Resources

Readme

License

BSD-2-Clause license
Activity

Stars

2 stars

Watchers

2 watching

Forks

0 forks
Report repository

Releases

1 tags

Packages

No packages published

Languages

  • PHP 100.0%