kelunik / Two Factor
Licence: mit
Two factor authentication.
Stars: ✭ 32
Labels
Projects that are alternatives of or similar to Two Factor
Twofactor gateway
🔑 Second factor provider using an external messaging gateway (SMS, Telegram, Signal)
Stars: ✭ 76 (+137.5%)
Mutual labels: 2fa, two-factor
Otplib
🔑 One Time Password (OTP) / 2FA for Node.js and Browser - Supports HOTP, TOTP and Google Authenticator
Stars: ✭ 916 (+2762.5%)
Mutual labels: 2fa, two-factor
Privacyidea
🔐 multi factor authentication system (2FA, MFA, OTP Server)
Stars: ✭ 1,027 (+3109.38%)
Mutual labels: 2fa, two-factor
Authelia
The Single Sign-On Multi-Factor portal for web apps
Stars: ✭ 11,094 (+34568.75%)
Mutual labels: 2fa, two-factor
privacyidea-ldap-proxy
🌲 LDAP Proxy to intercept LDAP binds and authenticate against privacyIDEA
Stars: ✭ 17 (-46.87%)
Mutual labels: two-factor, 2fa
Twofactor totp
🔑 Second factor TOTP (RFC 6238) provider for Nextcloud
Stars: ✭ 203 (+534.38%)
Mutual labels: 2fa, two-factor
Two Factor Auth
Generate 2FA tokens compatible with Google Authenticator
Stars: ✭ 352 (+1000%)
Mutual labels: 2fa, two-factor
apache 2fa
Apache two-factor (2FA) authentication with Google Authenticator based on Time-based One-Time Password (TOTP) or HMAC-based one-time password (HOTP) Algorithms.
Stars: ✭ 63 (+96.88%)
Mutual labels: two-factor, 2fa
2FAuth
A Web app to manage your Two-Factor Authentication (2FA) accounts and generate their security codes
Stars: ✭ 664 (+1975%)
Mutual labels: two-factor, 2fa
react-native-sms-user-consent
React Native wrapper for Android's SMS User Consent API, ready to use in React Native apps with minimum effort.
Stars: ✭ 45 (+40.63%)
Mutual labels: two-factor, 2fa
Identityserver4aspnetcoreidentitytemplate
An ASP.NET Core 3.1 IdentityServer4 Identity Bootstrap 4 template with localization
Stars: ✭ 262 (+718.75%)
Mutual labels: 2fa
Yosai
A Security Framework for Python applications featuring Authorization (rbac permissions and roles), Authentication (2fa totp), Session Management and an extensive Audit Trail
Stars: ✭ 582 (+1718.75%)
Mutual labels: two-factor
extract otp secret keys
Extract two-factor authentication (2FA, TFA) secret keys from export QR codes of "Google Authenticator" app
Stars: ✭ 217 (+578.13%)
Mutual labels: 2fa
two-factor
kelunik/two-factor
is a Google Authenticator compatible OATH implementation.
Requirements
- PHP 5.5+
Installation
composer require kelunik/two-factor
Demo
There's a runnable demo contained in this repository.
Usage
Generate a secret per user
$oath = new Oath;
// this generates a key in binary format
$key = $oath->generateKey();
// store key for user
Let user setup two factor device
$oath = new Oath;
$key = "..."; // load user key from storage
// Use the URI to provide an easy to scan QR code
$uri = $oath->getUri($key);
// Alternatively display the key for manual input
$secret = $oath->encodeKey($key);
You can use your favourite JavaScript or PHP library to generate the QR code. For a working example, we're using qr.js
.
<form action="/2fa/setup" method="POST">
Scan the following QR code and click continue once you're ready.
<input type="hidden" value="{{$uri}}" id="2fa-uri">
<canvas id="qr-code"></canvas>
<script src="/js/qr.min.js"></script>
<script>
qr.canvas({
canvas: document.getElementById("qr-code"),
value: document.getElementById("2fa-uri").value
});
</script>
<button type="submit">Continue</button>
</form>
Validate TOTP value
$oath = new Oath;
$key = "..."; // load user key from storage
$isValid = $oath->verifyTotp($key, $totpValue);
// If the token is valid, ensure that it can't be used again.
// Because we use the default grace window size of two,
// we have to store the used TOTP value for at least 90 seconds,
// to prevent its usage explicitly.
Note that the project description data, including the texts, logos, images, and/or trademarks,
for each open source project belongs to its rightful owner.
If you wish to add or remove any projects, please contact us at [email protected].