lsat/yii2-otp
Composer 安装命令:
composer require lsat/yii2-otp
包简介
LSAT YII2 extension for generating one time passwords according to RFC 4226/6238 (HOTP/TOTP Algorithm) and authentication widget , Upgrade version lib 2amigos/qrcode-library and spomky-labs/otphp from https://github.com/sam002/yii2-otp (sam002/yii2-otp) Support PHP to ^8.0
README 文档
README
LSAT Yii2 OTP
How to install
docker-compose exec api composer require lsat/yii2-otp:~1.0.0
Or
composer require lsat/yii2-otp:~1.0.0
or Add
"lsat/yii2-otp" : "~1.0.0"
to the require section of your application's composer.json file.
Add components to web.php or console.php
'components' => [
'otp' => [
'class' => lsat\otp\Otp::class,
// 'totp' only now
'algorithm' => lsat\otp\Otp::ALGORITHM_TOTP,
// length of code
'digits' => 6,
// Algorithm for hashing
'digest' => 'sha1',
// Label of application
'label' => '1022_Bình Dương',
// Uri to image (application icon)
// 'imgLabelUrl' => \yii\helpers\Url::to('\app\web\logo.php'),
// Betwen 8 and 1024
'secretLength' => 72,
// Time interval in seconds, must be at least 1
'interval' => 30,
'issuer' => '1022_BD',
],
]
Use Behavior
Set behavior in model
<?php
...
'behavior' => [
'otp' => [
'class' => lsat\otp\behavior\OtpBehavior::className(),
// Component name
'component' => 'otp',
// column|property name for get and set secure phrase
//'secretAttribute' => 'secret'
// column|property name for get code and confirm secret
//'codeAttribute' => 'code'
//Window in time for check authorithation (current +/- window*interval)
//'window' => 0
],
...
]
attachBehavior with dynamic form
// create form or load secret form for each user
$dynamicModel = new yii\base\DynamicModel(['code','secret']);
$dynamicModel->addRule(['code'],'required');
$dynamicModel->addRule(['code'],'string', ['min' => 6]);
$dynamicModel->addRule(['secret'],'string');
// set secret attribute
$dynamicModel->secret = "YOURSECRET";
$dynamicModel->attachBehavior("otp", [
'class' => OtpBehavior::class,
// 'secretAttribute' => "CustomSecretField",
// 'codeAttribute' => "CustomCodeField",
]);
// Load value code attribute
$code = Yii::$app->request->post("code");
$dynamicModel->code = $code;
// Validate otp code and secret attribute
if (!$dynamicModel->validate()) {
var_dump($dynamicModel->errors);
}
Widget for generate init QR-code.
Read more about QrParams in the qrcode-library
<?php
echo $form->field($model, 'secret')->widget(
lsat\otp\widgets\OtpInit::class, [
'component' => 'otp',
// link text
'link' => false,
'QrParams' => [
// pixels width
'size' => 200,
// margin around QR-code
'margin' => 10,
// Path to logo on image
'logo' => Yii::getAlias("@app/web/icon.png"),
// Width logo on image
'logoWidth' => 50,
// RGB color
'foregroundColor' => [0, 0, 0],
// RGB color
'backgroundColor' => [255, 255, 255],
// Qulity of QR: LOW, MEDIUM, HIGHT, QUARTILE
'level' => ErrorCorrectionLevelInterface::HIGH,
// Image format: PNG, JPG, SVG, EPS
'type' => PngWriter::class,
// Locale
'encoding' => 'UTF-8',
// Text on image under QR code
'label' => '',
// by default image create and save at Yii::$app->runtimePath . '/temporaryQR/'
// 'outfile' => '/tmp/'.uniqid(),
// save or delete after generate
'save' => false,
]
])->label(false);
?>
lsat/yii2-otp 适用场景与选型建议
lsat/yii2-otp 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 918 次下载、GitHub Stars 达 0, 最近一次更新时间为 2023 年 12 月 13 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「Authentication」 「two-factor」 「otp」 「hotp」 「totp」 「yii2」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 lsat/yii2-otp 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 lsat/yii2-otp 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 lsat/yii2-otp 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Filament Two Factor Authentication: Google 2FA + Passkey Authentication
Automatically logs-in users if they are already authenticated by a remote source. (e.g. environment variable REMOTE_USER)
GraphQL authentication for your headless Craft CMS applications.
Novactive eZ 2FA Bundle is an Ibexa bundle that provides two-factor authentication for your Ibexa project
Two-factor Authentication for WordPress
Laravel middleware to restrict a site or specific routes using HTTP basic authentication
统计信息
- 总下载量: 918
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 24
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: GPL-3.0
- 更新时间: 2023-12-13