Google 2 Factor Authentication using PHP

-

Google 2 Factor Authentication using PHP


In this tutorial, I have explained how to add Two factor authentication with Google Authenticator and PHP . You can check official Google-Authentication project here. Github

Follow the steps.

Step 1) Create a unique secret code of length 16 characters.
PHPGangsta provides wrapper class for Google Authenticator.
You can download using composer.
curl -sS https://getcomposer.org/installer | php
php composer.phar require phpgangsta/googleauthenticator:dev-master
Use the below code to generate the secret code.
<?php

 $authenticator = new PHPGangsta_GoogleAuthenticator();

 require 'vendor/autoload.php';

 $secret = $authenticator->createSecret();
We need to prepare a QR code using the secret. If you want to read more about QR code generation for Google Authenticator. Github Wiki
 echo "Secret: ".$secret;

 ?>
Step 2) Create a QR code withe the generated secret.
You can use any QR code generator to generate the QR code, For this demo I am using Google charts.
 <?php

 require 'vendor/autoload.php';

 $authenticator = new PHPGangsta_GoogleAuthenticator();

 $secret = $authenticator->createSecret();

 $qrCodeUrl = $authenticator->getQRCodeGoogleUrl($title, $secret,$website);

 echo "Secret: ".$secret."\n";

 //save this at server side

 $website = 'http://hayageek.com'; 

 //Your Website

 $title= 'Hayageek';

 echo $qrCodeUrl;

 ?>
Open the app and Click on ‘+’ Button, and scan the QR code generated using 
Google Charts. Authenticator app generates the TOTP for your website. TOTP 
will change for every 30 secs.

 Open the app and Click on ‘+’ Button, and scan the QR code generated using Google Charts. Authenticator app generates the TOTP for your website. TOTP will change for every 30 secs.
Step 3) Generate TOTP (Time-Based One time password) using Google 

 Authenticator App. Download the Google Authenticator app from Google Play 

 or AppStore
Step 4) Verifying OTP at server side
<?php

 require 'vendor/autoload.php'; 

  // If somebody provides OTP at 29th sec, by the time it reaches the server OTP is expired.

 $authenticator = new PHPGangsta_GoogleAuthenticator();

 $secret = '3JMZE4ASZRIISJRI'; 

 //This is used to generate QR code

 $otp = '183036' ;

 //Generated by Authenticator.

 $tolerance = 0;
    //Every otp is valid for 30 sec.
echo 'FAILED';
    //So we can give tolerance =1, it will check current  & previous OTP. 

    // tolerance =2, verifies current and last two OTPS
$checkResult = $authenticator->verifyCode($secret, $otp, $tolerance);

     

 if ($checkResult) {   

  echo 'OTP is Validated Succesfully'; 

     } else {}
?>

Download source code Here..
Or
Download Url: 

 https://www.dropbox.com/s/41a5ajnkzd3f5x0/google-authenticator.zip?dl=0
Labels: Google 2 Factor Authentication, 2 factor authentication in php, 2FA in php

Comments

Post a Comment

Popular posts from this blog

Create Desktop Application with PHP

-
Image
Here we will show you how you can create a web-based desktop application using PHP, CSS, HTML, and JavaScript with the help of PHP Desktop. In fact, PHP Desktop is an easy and simple solution we can use to create very powerful and complex desktop application. What Is PHP Desktop? PHP Desktop is an open source project founded by Czarek Tomczak in 2012 to provide a way for developing native desktop GUI applications using web technologies such as PHP, HTML5, JavaScript and SQLite. Mind you, the development workflow you are used to while creating web applications remains the same. The step of turning an existing website into a desktop application is basically a matter of copy and paste. PHPDesktop is an all-made container that will just swallow your project. With that, you can easily transform an existing website into a desktop application without any modification. When you download PHP Desktop , you will have some set of files and folders; among them you will have a ...
Read more

Insert pandas dataframe into Mongodb

-
Image
Insert pandas dataframe into Mongodb Pandas is most commonly used open-source Python Library for data manipulation, it provides high-performance data manipulation and analysis using its powerful data structures. Here we use pandas library to insert dataframe into Mongodb. I am taking Yahoo finance library to get dataset for a ticker and save that data into Mongo. First, we import all the necessary libraries from pandas_datareader import data as pdr import pandas as pd from pymongo import MongoClient import yfinance as yf yf.pdr_override() We get data from yahoo finance  # download dataframe data1 = pdr.get_data_yahoo("SPY", start="2017-01-01", end="2017-01-15") Now, we make a connection to Mongodb. Here I am connecting to local MongoDb Server on port 27018 and then creating a database with the name `finance`. MongoDB has a collection(table) and I name it as `mycollection`. #Step 1: Connec...
Read more

Add and delete columns dynamically in an HTML table

-
To add new rows to a table (or table section) you can use insertRow, but there isn't an equivalent insertColumn in the  DOM table methods . So what you can do is iterate the rows in the table (or table section), and call insertCell for each row. Javascript:   tableaddcolumn.js // 2006-08-21 - Created // 2006-11-05 - Modified - head and body function addColumn(tblId) { var tblHeadObj = document.getElementById(tblId).tHead; for (var h=0; h<tblHeadObj.rows.length; h++) { var newTH = document.createElement('th'); tblHeadObj.rows[h].appendChild(newTH); newTH.innerHTML = '[th] row:' + h + ', cell: ' + (tblHeadObj.rows[h].cells.length - 1) } var tblBodyObj = document.getElementById(tblId).tBodies[0]; for (var i=0; i<tblBodyObj.rows.length; i++) { var newCell = tblBodyObj.rows[i].insertCell(-1); newCell.innerHTML = '[td] row:' + i + ', cell: ' + (tblBodyObj.rows[i].cells.length - 1) } } function deleteColumn(tblId) { v...
Read more