7

I want to use Google 2FA in my PHP project. The user needs to enter the 6 digit 2fa code while logging in.

May you draw some tips on which direction to take?

Murali Tharan
  • 177
  • 1
  • 1
  • 8
  • What have you done so far? – Ashil John Feb 17 '17 at 06:33
  • Still i didn't start this. because i don't know how do this? – Murali Tharan Feb 17 '17 at 06:41
  • you might want to see this answer http://stackoverflow.com/questions/16908124/google-two-factor-authentication-tutorial-for-codeigniter – Umang Gupta Feb 26 '17 at 03:24
  • I have completed this module. Which was developed based on the below amit reference link.. But anyway thank you for your response to this. – Murali Tharan Feb 27 '17 at 05:43
  • If you have no clue about 2FA, you have to first learn about it and then ask. If you don't know how Google Authenticator works, same applies to their docs. Once you start some grounded work, if you come up with a problem or don't understand something, you may come and ask here. –  Sep 03 '18 at 20:28

1 Answers1

12

Step 1) Create a unique secret code of length 16 characters. PHPGangsta provides wrapper class for Google Authenticator. You can download using composer.

curl -sS https://getcomposer.org/installer | php
php composer.phar require  phpgangsta/googleauthenticator:dev-master
Use the below code to generate the secret code.

<?php
require 'vendor/autoload.php';
$authenticator = new PHPGangsta_GoogleAuthenticator();
$secret = $authenticator->createSecret();
echo "Secret: ".$secret;
 
?>

Step 2) Create a QR code withe the generated secret.

We need to prepare a QR code using the secret. If you want to read more about QR code generation for Google Authenticator. Github Wiki You can use any QR code generator to generate the QR code, For this demo I am using Google charts.

require 'vendor/autoload.php';
$authenticator = new PHPGangsta_GoogleAuthenticator();
$secret = $authenticator->createSecret();
echo "Secret: ".$secret."\n";  //save this at server side
 
$website = 'http://hayageek.com'; //Your Website
$title= 'Hayageek';
$qrCodeUrl = $authenticator->getQRCodeGoogleUrl($title, $secret,$website);
echo $qrCodeUrl;

Step 3) Generate TOTP (Time-Based One time password) using Google Authenticator App

Download the Google Authenticator app from Google Play or AppStore

Open the app and Click on ‘+’ Button, and scan the QR code generated using Google Charts. Authenticator app generates the TOTP for your website. TOTP will change for every 30 secs.

Two factor authentication with Google Authenticator

Step 4) Verifying OTP at server side

require 'vendor/autoload.php';
$authenticator = new PHPGangsta_GoogleAuthenticator();
 
$secret = '3JMZE4ASZRIISJRI'; //This is used to generate QR code
$otp = '183036' ;//Generated by Authenticator.
 
$tolerance = 0;
    //Every otp is valid for 30 sec.
    // If somebody provides OTP at 29th sec, by the time it reaches the server OTP is expired.
    //So we can give tolerance =1, it will check current  & previous OTP.
    // tolerance =2, verifies current and last two OTPS
 
$checkResult = $authenticator->verifyCode($secret, $otp, $tolerance);    
 
if ($checkResult) 
{
    echo 'OTP is Validated Succesfully';
     
} else {
    echo 'FAILED';
}

   source code refer this link : http://hayageek.com/two-factor-authentication-with-google-authenticator-php/
Community
  • 1
  • 1
amit 1984
  • 374
  • 2
  • 9