Download the PHP package mindgruve/two-factor-auth without Composer

On this page you can find all versions of the php package mindgruve/two-factor-auth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of mindgruve/two-factor-auth

Informations about the package two-factor-auth

Two-Factor-Authentication

This PHP Library implements TOTP algorithm popularized by GoogleAuthenticator. It provides a simple, secure, and user-friendly 2-Factor-Authentication scheme.

Algorithm

The Time-Based One-Time Password Algorithm is described in RFC 26238 is located at https://tools.ietf.org/html/rfc6238

Generating Secrets

  1. Have your users download the GoogleAuthenticator app to their smart phone. Links to Android Play Store and Apple App Store

  2. Generate a Secret for each user and store it in your application 

    use Mindgruve\TwoFactorAuth\Secret;
$secret = new Secret();
// Secrets can be Serialized to a Base32 String
$serializedSecret = $secret->asBase32();
// Save this $serializedSecret in your application for this user

  3. Have your user load the secret into GoogleAuthenticator. 

    use Mindgruve\TwoFactorAuth\Secret;
$secret = new Secret();
/**
 * Display a QR code for users to scan
 */
<img src="">
/**
 *  Display the secret for users to enter manually.
 */
echo $secret->asBase32();
  4. GoogleAuthenticator will now generate a new token every 30 seconds for your user

Validating Tokens

When your user logs in, prompt the user for a token. The user opens their GoogleAuthenticator and enters in the token shown on their screen, which regenerates every 30 seconds. To validate the token, you load the user's secret (from your database for instance) and use the helper function isValidToken() to validate the user supplied token.

    use Mindgruve\TwoFactorAuth\Authenticator;
    use Mindgruve\TwoFactorAuth\Secret;
    use Mindgruve\TwoFactorAuth\Token;

    /**
     * Load the $serializedSecret for the user
     * The $tokenString is value submitted by the user
     */
     $secret = new Secret($serializedSecret);
     $token = new Token($tokenString);
     $authenticator = new Authenticator();
     if($authenticator->isValidToken($secret, $token)){
        // access granted
     } else {
        // access denied
     }

Running tests

php vendor/bin/phpunit src

All versions of two-factor-auth with dependencies

PHP Build Version
Package Version
Requires christian-riesen/base32 Version ^1.3
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package mindgruve/two-factor-auth contains the following files

Loading the files please wait ....