Ported from http://code.google.com/p/google-authenticator/
You can use the Google Authenticator app from here http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=1066447 to generate One Time Passwords/Tokens and check them with this little PHP app (Of course, you can also create them with this).
Add the dependency:
php composer.phar require sonata-project/google-authenticatorIf asked for a version, type in 'dev-master' (unless you want another version):
Please provide a version constraint for the sonata-project/google-authenticator requirement: dev-masterSee example.php for how to use it.
There's a little web app showing how it works in web/, please make users.dat writeable for the webserver, doesn't really work otherwise (it can't save the secret). Try to login with chregu/foobar.
What's missing in the example:
- Prevent replay attacks. One token should only be used once
- Show QR Code only when providing password again (or not at all)
- Regenerate secret
For questions and proposals you can post on this google groups
- Sonata Users: Only for user questions
- Sonata Devs: Only for devs