承接 mindgruve/two-factor-auth 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

mindgruve/two-factor-auth

Composer 安装命令:

composer require mindgruve/two-factor-auth

包简介

PHP Implementation of RFC 6238 used by the Google Authenticator Token Generator

README 文档

README

This PHP Library implements TOTP algorithm popularized by GoogleAuthenticator. It provides a simple, secure, and user-friendly 2-Factor-Authentication scheme.

Algorithm

The Time-Based One-Time Password Algorithm is described in RFC 26238 is located at https://tools.ietf.org/html/rfc6238

Generating Secrets

  1. Have your users download the GoogleAuthenticator app to their smart phone. Links to Android Play Store and Apple App Store

  2. Generate a Secret for each user and store it in your application

     use Mindgruve\TwoFactorAuth\Secret;
     $secret = new Secret();
     // Secrets can be Serialized to a Base32 String
     $serializedSecret = $secret->asBase32();
     // Save this $serializedSecret in your application for this user   
    
  3. Have your user load the secret into GoogleAuthenticator.

     use Mindgruve\TwoFactorAuth\Secret;
     $secret = new Secret();
     /**
      * Display a QR code for users to scan
      */
     <img src="<?php echo $secret->getGoogleQRCodeUrl(); ?>">
     /**
      *  Display the secret for users to enter manually.
      */
     echo $secret->asBase32();
    
  4. GoogleAuthenticator will now generate a new token every 30 seconds for your user

Validating Tokens

When your user logs in, prompt the user for a token. The user opens their GoogleAuthenticator and enters in the token shown on their screen, which regenerates every 30 seconds. To validate the token, you load the user's secret (from your database for instance) and use the helper function isValidToken() to validate the user supplied token.

    use Mindgruve\TwoFactorAuth\Authenticator;
    use Mindgruve\TwoFactorAuth\Secret;
    use Mindgruve\TwoFactorAuth\Token;
    
    /**
     * Load the $serializedSecret for the user
     * The $tokenString is value submitted by the user
     */
     $secret = new Secret($serializedSecret);
     $token = new Token($tokenString);
     $authenticator = new Authenticator();
     if($authenticator->isValidToken($secret, $token)){
        // access granted
     } else {
        // access denied
     }

Running tests

php vendor/bin/phpunit src

统计信息

  • 总下载量: 82
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 1
  • 点击次数: 8
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 1
  • Watchers: 4
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2017-03-09

承接程序开发

PHP开发

VUE

Vue开发

前端开发

小程序开发

公众号开发

系统定制

数据库设计

云部署

网站建设

安全加固