elshaden/apiato-otpkey
Composer 安装命令:
composer require elshaden/apiato-otpkey
包简介
Implementation of 2 factor Authentication using TOTP In Apiato Projects .
README 文档
README
Multi-Factor Authentication MFA , 2FA.
This Container is used to manage the 2 Factor Authentication using any app like Google Authenticator
Note: This container is not fully tested, use with caution.
Installation
Only Works in Existing Apiato Application
Read more about the Apiato container installer in the docs!
Steps
composer require elshaden/apiato-otpkey
Add the use HasOtpKeyTrait in the User Model
Migrate the table 'otp_keys'
and you are ready to go
Check Config File in Configs Dir for any changes
Usage
To find if user has MFA Key
$user-> HasOtp();
This will return the full record of the Otp Key.
object // OtpKey
id // Hashed OtpKey Id
user_id
code // Base64 OtpKey Code
qr_code // QR Code Image
active // Active or not
created_at
updated_at
readable_created_at
readable_updated_at
To Create New MFA key
$user-> CreateOtpKey();
This will return : The Otp_key Record created with otp Key ( basse 64 TOTP key) QR code inform of Base 64 Image and the user Id
Update the Key
$user->UpdateKey();
This will regnertae the Key and updates the record
To generate a QR code for a given code
$user->GetQrCode($code) ;
To Verfiy a given Token is valid ( the six numbers in the authenticator)
$user->ValidateKey($Code); // The code must be the six digits in the Authenticator
Generate Code
$user->GenerateCode();
This will generate a 6 Digits Code based on the user token, at any given time The code should match any authenticator App's such as Google Authenticator
API Endpoints
| Endpoint | Method | Parameteres | Usage | Response |
|---|---|---|---|---|
| /otpkeys | POST | user_id | Creates New User Token | string "id", int "user_id", string "code", image "qr_code" |
| /validate-otpkeys | POST | id , pin , slots | Validates 6 digits pin | bool "result" |
| /validate-usercode | POST | pin | Validates pin By User Bearer Token | bool "result" |
| /generate-otpkey | GET | Generates 6 Digits pin From Bearer Token | int "code" |
In Addition to Find, delete and Update OtpToken for any user.
Note when validating the Otp in validate-otpkeys slots means validate the key for past of 30 seconds each.
For example 10 Slots means 10 * 30 seconds = 300 seconds / 60 = 5 minutes. So the Otp is valid for the pas 5 minutes.
For 5 Minutes Token, slots = 5 * 60 = 300
For one day Token, slots = 24 * 60 * 60 = 86400
the longer the period the more time it takes to check the validity, so please try to be conservative.
elshaden/apiato-otpkey 适用场景与选型建议
elshaden/apiato-otpkey 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 35 次下载、GitHub Stars 达 6, 最近一次更新时间为 2021 年 09 月 17 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「framework」 「api」 「2fa」 「MFA」 「apiato」 「Autenticator」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 elshaden/apiato-otpkey 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 elshaden/apiato-otpkey 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 elshaden/apiato-otpkey 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
PHP Framework HLEB2 is the foundation of the web application. Provides ease of development and application performance.
Laravel Authentication package with built-in two-factor (Authy) and social authentication (Socialite).
This package provides Laravel bindings and a Eloquent/Model trait for pragmarx/recovery package.
A PSR-7 compatible library for making CRUD API endpoints
A stylish PHP application framework crafted using Slim, Twig, Eloquent and Sentinel designed to get you from clone to production in a matter of minutes.
Duo Security Universal Prompt two-factor authentication for Roundcube. Supports multiple authentication methods including push notifications, SMS, phone calls, and hardware tokens.
统计信息
- 总下载量: 35
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 6
- 点击次数: 7
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2021-09-17