Skip to content

YII2 extension for generating one time passwords according to RFC 4226 (HOTP Algorithm) and the RFC 6238 (TOTP Algorithm)

License

Notifications You must be signed in to change notification settings

sam002/yii2-otp

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

51 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

yii2-otp

Code Climate SensioLabsInsight

Latest Version Software License

Build Status

YII2 extension for generating one time passwords according to RFC 4226 (HOTP Algorithm) and the RFC 6238 (TOTP Algorithm)

Installation

The preferred way to install this extension is through composer.

Either run

composer require sam002/yii2-otp:~2.0.0

or add

"sam002/yii2-otp" : "~2.0.0"

to the require section of your application's composer.json file.

Usage

After extension is installed you need to setup auth client collection application component:

Configure

<?php
use sam002\otp\Otp;

...

'components' => [
    'otp' => [
        'class' => Otp::className(),
        // 'totp' only now
        'algorithm' => sam002\otp\Otp::ALGORITHM_TOTP,
        
        // length of code
        'digits' => 6,
        
        //  Algorithm for hashing
        'digest' => 'sha1',
        
        // Label of application
        'label' => 'yii2-otp',
        
        // Uri to image (application icon)
        'imgLabelUrl' => Yii::to('/icon.png'),
        
        // Betwen 8 and 1024
        'secretLength' => 64,
        // Time interval in seconds, must be at least 1
        'interval'
    ],
...
]

Add behavior Add any model column for storing secure code. //My case: the use of two-factor authentication

<?php
use sam002\otp\behaviors\OtpBehavior;

...

'behavior' => [
    'otp' => [
        'class' => OtpBehavior::className(),
        // Component name
        'component' => 'otp',
        
        // column|property name for get and set secure phrase
        //'secretAttribute' => 'secret'
        // column|property name for get code and confirm secret
        //'codeAttribute' => 'secret'
        
        //Window in time for check authorithation (current +/- window*interval) 
        //'window' => 0
    ],
...
]

Widget use Widget for generate init QR-code. Read more about QrParams in the qrcode-library.

use sam002\otp\widgets\OtpInit;

<?php echo $form->field($model, 'secret')->widget(
                    OtpInit::className() ,[
                        'component'=>'otp',
                        
                        // link text
                        'link' => 'ADD OTP BY LINK',
                        
                        'QrParams' => [
                            // pixels width
                            'size' => 300,
                            
                            // margin around QR-code
                            'margin' => 10,
                            
                            // Path to logo on image
                            'logo' => '/icon.png',
                            
                            // Width logo on image
                            'logoWidth' => 50,
                            
                            // RGB color
                            'foregroundColor' => [0,0,0],
                            
                            // RGB color
                            'backgroundColor' => [255,255,255],
                            
                            // Qulity of QR: LOW, MEDIUM, HIGHT, QUARTILE
                            'level' => ErrorCorrectionLevelInterface::HIGH,
                            
                            // Image format: PNG, JPG, SVG, EPS
                            'type' => PngWriter::class,
                            
                            // Locale
                            'encoding' => 'UTF-8',
                            
                            // Text on image under QR code
                            'label' => 'QR code',
                            
                            // by default image create and save at Yii::$app->runtimePath . '/temporaryQR/'
                            'outfile' => '/tmp/'.uniqid(),
                            
                            // save or delete after generate
                            'save' => false,
                        ]
                ]); ?>

Further Information

Credits

License

The LGPLv3 License. Please see License File for more information.

About

YII2 extension for generating one time passwords according to RFC 4226 (HOTP Algorithm) and the RFC 6238 (TOTP Algorithm)

Resources

License

Stars

Watchers

Forks

Packages

No packages published

Languages