theodorejb/multi-factor

Vendor-agnostic two-factor authentication library

v2.0.0 2024-09-22 16:18 UTC

This package is auto-updated.

Last update: 2024-12-22 16:52:26 UTC


README

Designed to be a vendor-agnostic implementation of various Two-Factor Authentication solutions.

Fork of paragonie/multi_factor. Initially developed by Paragon Initiative Enterprises for use in their own projects. Forked to support PHP 8+ since the original project wasn't being maintained.

Released under a dual license: GPL and MIT. As with all dual-licensed projects, feel free to choose the license that fits your needs.

Requirements

  • PHP 8.1+

Installing

composer require theodorejb/multi-factor

Example Usage

Display QR code

<?php
use ParagonIE\MultiFactor\Vendor\GoogleAuth;

$seed = random_bytes(20);
$auth = new GoogleAuth($seed);
$auth->makeQRCode(null, 'php://output', 'email@example.com', 'Issuer', 'Label');

Validate two-factor code

<?php
use ParagonIE\MultiFactor\OneTime;
use ParagonIE\MultiFactor\OTP\TOTP;

// You can use TOTP or HOTP
$otp = new OneTime($seed, new TOTP());

if (\password_verify($_POST['password'], $storedHash)) {
    if ($otp->validateCode($_POST['2facode'], time())) {
        // Login successful    
    }
}