- Copyright (c) 2025, https://poetter-sebastian.github.io
- Author: Sebastian Pötter, (@PHPGangsta, contributors) and contributors
- Licensed under the BSD 2-Clause "Simplified" License.
This class can generate secrets, generate codes, validate codes and present a QR-Code for scanning the secret. It implements TOTP according to RFC6238
Other hash functions other than SHA1 only work for Google-Authenticator at the moment!
Look at the function TestGenerator() in tests
Or use this sample script:
require_once('../src/SimpleAuthenticator.php');
use SebastianDevs\SimpleAuthenticator;
$auth = new SimpleAuthenticator(6, 'SHA1');
try
{
$secret = $auth->createSecret();
}
catch (Exception $e)
{
echo $e->getMessage();
exit();
}
echo 'Secret is: ' . $secret . '\n';
$qrCodeUrl = $auth->getQRCodeGoogleUrl($secret, 'Testo@test.test', 'Business');
echo 'QR-Code: ' . $qrCodeUrl . '\n';
$oneCode = $auth->getCode($secret);
echo 'Checking Code ' . $oneCode . ' and Secret ' . $secret . ':\n';
echo $auth->verifyCode($secret, $oneCode, 2)? 'OK': 'NOT OK';output:
Secret is: S4VWK6CWPA3PMU2HZM2YEDZGSF2DQL3V
Google Charts URL for the QR-Code: https://api.qrserver.com/v1/create-qr-code/?data=otpauth%3A%2F%2Ftotp%2FVintage+Story%3ATesto%40test.test%3Fsecret%3DS4VWK6CWPA3PMU2HZM2YEDZGSF2DQL3V%26algorithm%3DSHA256%26issuer%3DVintage+Story&size=200x200&ecc=M
Checking Code '439195' and Secret 'S4VWK6CWPA3PMU2HZM2YEDZGSF2DQL3V':
OK
- To use this package perform the following command:
composer require sebastiandevs/simplethenticator
- To use the class just import the SimpleAuthenticator.php as
require_once()in your PHP code
- All tests are inside the tests folder.
- Execute
composer run-script build-devto install all dependencies - Execute
composer run-script testto run all tests in the test folder
- For better code or complex implementations: please use RobThree/TwoFactorAuth!