PHP implementation of RFC6238 (TOTP: Time-Based One-Time Password Algorithm).
- PHP (64-bits): PHP 8.1 or later
- PHP Extensions: hash
- Set up Composer, the de facto standard package manager.
php composer.phar require jp3cki/totp
<?php
declare(strict_types=1);
use jp3cki\totp\Totp;
require_once('vendor/autoload.php');
// Generate new shared-secret key (for each user)
$secret = Totp::generateKey();
echo "secret: {$secret}\n";
echo "\n";
// Make URI for importing from QRCode.
$uri = Totp::createKeyUriForGoogleAuthenticator($secret, 'theuser@example.com', 'Issuer Name');
echo "uri: {$uri}\n";
echo "\n";
// Verify user input
$userInput = '123456'; // $_POST['totp']
$isValid = Totp::verify($userInput, $secret, time());
var_dump($isValid);
Copyright (c) 2015-2024 AIZAWA Hina <hina@fetus.jp>
Patches and/or report issues are welcome.
- Please create new branch for each issue or feature. (should not work in master branch)
- Please write and run test.
$ make test
- Please run check-style for static code analysis and coding rule checking.
$ make check-style
- Please clean up commits.
- Please create new pull-request for each issue or feature.
- Please use Japanese or very simple English to create new pull-request or issue.
-
v3.0.0
- Minimum environment is now PHP 8.1
-
v2.0.0
- Minimum environment is now PHP 7.2
- Argument types are now strictly enforced
- Removed
Random::generate*()
. Always userandom_bytes()
now.