Ported from http://code.google.com/p/google-authenticator/
You can use the Google Authenticator app from here http://www.google.com/support/accounts/bin/answer.py?hl=en&answer=1066447 to generate One Time Passwords/Tokens and check them with this little PHP app (Of course, you can also create them with this).
Installation using Composer
composer require sonata-project/google-authenticator
See example.php for how to use it.
There's a little web app showing how it works in web/, please make users.dat writeable for the webserver, doesn't really work otherwise (it can't save the secret). Try to login with chregu/foobar.
What's missing in the example:
- Prevent replay attacks. One token should only be used once
- Show QR Code only when providing password again (or not at all)
- Regenerate secret
For general support and questions, please use StackOverflow.
If you think you found a bug or you have a feature idea to propose, feel free to open an issue after looking at the contributing guide.
This package is available under the MIT license.