Download the PHP package silverstripe/totp-authenticator without Composer

On this page you can find all versions of the php package silverstripe/totp-authenticator. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of silverstripe/totp-authenticator

Informations about the package totp-authenticator

Silverstripe TOTP Authenticator

CI Silverstripe supported module

Log in to Silverstripe with an authenticator app on your phone as a secondary factor, using a time-based one-time password (TOTP).

This module provides a TOTP authenticator that plugs in to the silverstripe/mfa module.

For more information about TOTP, see RFC 6238.

Installation

Configuration

Encryption key

You will need to define an environment variable named SS_MFA_SECRET_KEY with a random secret key, which is used for encrypting the TOTP secret. The authentication method will not be available for use until this is correctly defined.

Please note that existing registered TOTP methods for users will not be usable on environments with different values for SS_MFA_SECRET_KEY than they were registered in.

There are many ways to create a random secret key, the easiest is by executing a php command on the command line. The secret key length depends on your specific information security controls, but 32 characters is a good baseline.

TOTP secret length

You can also configure the length of the TOTP secret. This is the code that is displayed to users when they register to use TOTP, for example "alternatively, enter this code manually into your app." The default length is 16 characters. If you do not want to support manual code entry in your project, you may want to increase the length in order to increase the entropy of the TOTP secret, however removing the secret from the UI will require adjustments to the React components. See the RegisterHandler.secret_length configuration property.

TOTP code length

If you want to change the length of the TOTP codes the application accepts, you can adjust Method.code_length. The default length is 6 characters.

User help link

When this method is used on the website during the multi-factor login process, it may show a "find out more" link to user documentation. You can disable this by nullifying the configuration property RegisterHandler.user_help_link or you can change it to point to your own documentation instead:

TOTP issuer and label

The TOTP "issuer" is the Silverstripe site name (set in SiteConfig) by default, and the "label" is the member's email address by default. These are the values that show up in your authenticator app. You can change these if you need to use something else, by writing an extension on RegisterHandler:

License

See License

Bugtracker

Bugs are tracked in the issues section of this repository. Before submitting an issue please read over existing issues to ensure yours is unique.

If the issue does look like a new bug:

Please report security issues to the module maintainers directly. Please don't file security issues in the bug tracker.

Development and contribution

If you would like to make contributions to the module please ensure you raise a pull request and discuss with the module maintainers.

All versions of totp-authenticator with dependencies

PHP Build Version
Package Version
Requires php Version ^8.1
silverstripe/mfa Version ^5
silverstripe/siteconfig Version ^5
spomky-labs/otphp Version ^11.1
paragonie/constant_time_encoding Version ^2.6
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package silverstripe/totp-authenticator contains the following files

Loading the files please wait ....