PHP download

Download the PHP package eloquent/otis without Composer

On this page you can find all versions of the php package eloquent/otis. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

Table of contents
Download eloquent/otis
More information about eloquent/otis
Files in eloquent/otis

Vendor eloquent
Package otis
Short Description One-time password / multi-factor authentication library for PHP.
License MIT
Homepage https://github.com/eloquent/otis

Keywords Authentication time google password auth otp multi authenticator oath 2fa one two factor

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Example code of eloquent/otis

Informations about the package otis

Otis

One-time password / multi-factor authentication library for PHP.

Installation and documentation

Available as Composer package eloquent/otis.
API documentation available.

What is Otis?

Otis is a PHP library for implementing one-time password / [multi-factor authentication] systems. Otis provides generators and validators for both TOTP (time-based passwords as defined in RFC 6238) and HOTP (counter-based passwords as covered in RFC 4226). Otis supports all hashing algorithms (SHA-1, SHA-256, SHA-512).

In addition, Otis provides tools for generating the URI format understood by Google Authenticator and other compatible OTP apps, as well as URIs for QR code generation services to further ease integration.

Usage

Validating a TOTP password

Validating an HOTP password

Generating a Google Authenticator URI

Generating a Google Authenticator QR code URI

Validating a sequence of HOTP passwords

Security considerations

When implementing an OTP system, the following points should be considered with care:

Each password should only be considered valid once. This helps to avoid replay attacks. This is especially important for time-based passwords that may otherwise be considered valid for an entire time period. Keeping track of which one-time passwords have already been used in a successful validation is the only way to ensure a password is not re-used.
The shared secret should be treated as sensitive information. When storing the secret on the server side, strong two-way encryption should be used. A solution such as Lockbox would be ideal.
In order for time-based OTP systems to work well, there should be minimal differences in the system time of the server, and the OTP device in use. Otis defaults allow -1 to +1 time windows (a window is usually 30 seconds), but the validator can be configured to accept passwords from larger time windows.

Try Otis

Otis has a simple demonstration system. In order to run the demos, these instructions must be followed:

Install Google Authenticator or a compatible OTP app.
Clone the Otis repository.
Install Composer dependencies, including dev dependencies.
Run test/bin/totp or test/bin/hotp depending on which type of OTP system is preferred.
A link to a QR code image will be launched in the default browser.
Scan this QR code with the OTP app.
Return to the console and enter the passwords provided by the OTP app.

In addition, there is a test suite for determining the capabilities of OTP apps. In order to run the test suite follow these steps:

Install Composer dependencies as above.
Run test/bin/otp-test-suite.
The test suite will be launched in the default browser.

OTP app capabilities

Not all OTP apps support the same features. Even Google Authenticator does not support all the features that its URI format is capable of expressing (and support varies across platforms).

For a table of OTP apps and their capabilities, see OTP app capabilities in the wiki.

All versions of otis with dependencies

PHP Build Version

Package Version

Version 0.3.0 Release 23. Jan 2014
create-project require 0 people choosed require and
0 people choosed create-project.

Download

Download latest version of otis from vendor eloquent

Requires php Version >=5.3
christian-riesen/base32 Version ~1
eloquent/enumeration Version ~5
icecave/isolator Version ~2

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package eloquent/otis contains the following files

Loading the files please wait ....