Skip to content
next
Switch branches/tags
Code

Latest commit

 

Git stats

Files

Permalink
Failed to load latest commit information.
Type
Name
Latest commit message
Commit time
 
 
app
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
Twilio

Twilio Account Security Quickstart - Two-Factor Authentication and Phone Verification

We are currently in the process of updating this sample template. If you are encountering any issues with the sample, please open an issue at github.com/twilio-labs/code-exchange/issues and we'll try to help you.

About

A simple PHP, Laravel and AngularJS implementation of a website that uses Twilio Account Security services to protect all assets within a folder. Additionally, it shows a Phone Verification implementation.

It uses four channels for delivery, SMS, Voice, Soft Tokens, and Push Notifications. You should have the Authy App installed to try Soft Token and Push Notification support.

Implementations in other languages:

.NET Java Node Python Ruby
TBD Done Done Done Done

Features

  • URL path "/protected" is protected with both user session and Twilio Two-Factor Authentication
  • One Time Passwords (SMS and Voice)
  • SoftTokens
  • Push Notifications (via polling)
  • Phone Verification
    • SMS or Voice Call

Set up

Requirements

Twilio Account Settings

This application should give you a ready-made starting point for writing your own application. Before we begin, we need to collect all the config values we need to run the application:

Config Value Description
Account Sid Your primary Twilio account identifier - find this in the Console.
Auth Token Used to authenticate - just like the above, you'll find this here.
Verification Sid For Verification Service. You can generate one here
Account Security Api Key Create a new Authy application in the console. After you give it a name you can view the generated Account Security production API key. This is the string you will later need to set up in your environmental variables.

How to get an Authy API Key

You will need to create a new Authy application in the console. After you give it a name you can view the generated Account Security production API key. This is the string you will later need to set up in your environmental variables.

Get Authy API Key

Local development

After the above requirements have been met:

  1. Clone this repository and cd into it

    git clone git@github.com:TwilioDevEd/account-security-quickstart-php.git
    cd account-security-quickstart-php
  2. Install PHP dependencies

    make install
  3. Set your environment variables

    cp .env.example .env

    See Twilio Account Settings to locate the necessary environment variables.

  4. Run the application

    make serve
  5. Navigate to http://localhost:8000

    That's it!

Docker

If you have Docker already installed on your machine, you can use our docker-compose.yml to setup your project.

  1. Make sure you have the project cloned.
  2. Setup the .env file as outlined in the Local Development steps.
  3. Run docker-compose up.

To try Authy Two-Factor Authentication

Open the following url in your browser: http://localhost:8000/login

At that point you can test a channel. To test another, simply logout after your success and login again.

To try Verify Phone Verification

Open the following url in your browser: http://localhost:8000/verify

At that point you can test SMS/Phone Calls. To test another, simply logout after your success. You'll be brought back to the index page to try again with the other.

Unit and Integration Tests

You can run the Unit tests locally by typing:

vendor/bin/phpunit

Cloud deployment

Additionally to trying out this application locally, you can deploy it to a variety of host services. Here is a small selection of them.

Please be aware that some of these might charge you for the usage or might make the source code for this application visible to the public. When in doubt research the respective hosting service first.

Service
Heroku Deploy

Resources

  • The CodeExchange repository can be found here.

Contributing

This template is open source and welcomes contributions. All contributions are subject to our Code of Conduct.

License

MIT

Disclaimer

No warranty expressed or implied. Software is as is.

About

No description or website provided.

Topics

Resources

License

Code of conduct

Releases

No releases published

Packages

No packages published