lsat / yii2-otp
LSAT YII2 extension for generating one time passwords according to RFC 4226/6238 (HOTP/TOTP Algorithm) and authentication widget , Upgrade version lib 2amigos/qrcode-library and spomky-labs/otphp from https://github.com/sam002/yii2-otp (sam002/yii2-otp) Support PHP to ^8.0
1.0.4
2023-12-13 04:56 UTC
Requires
- php: >=7.0.0
- 2amigos/qrcode-library: ^3.0
- spomky-labs/otphp: ~10.0.0
This package is auto-updated.
Last update: 2024-10-13 07:02:07 UTC
README
LSAT Yii2 OTP
How to install
docker-compose exec api composer require lsat/yii2-otp:~1.0.0
Or
composer require lsat/yii2-otp:~1.0.0
or Add
"lsat/yii2-otp" : "~1.0.0"
to the require section of your application's composer.json
file.
Add components to web.php or console.php
'components' => [
'otp' => [
'class' => lsat\otp\Otp::class,
// 'totp' only now
'algorithm' => lsat\otp\Otp::ALGORITHM_TOTP,
// length of code
'digits' => 6,
// Algorithm for hashing
'digest' => 'sha1',
// Label of application
'label' => '1022_Bình Dương',
// Uri to image (application icon)
// 'imgLabelUrl' => \yii\helpers\Url::to('\app\web\logo.php'),
// Betwen 8 and 1024
'secretLength' => 72,
// Time interval in seconds, must be at least 1
'interval' => 30,
'issuer' => '1022_BD',
],
]
Use Behavior
Set behavior in model
<?php
...
'behavior' => [
'otp' => [
'class' => lsat\otp\behavior\OtpBehavior::className(),
// Component name
'component' => 'otp',
// column|property name for get and set secure phrase
//'secretAttribute' => 'secret'
// column|property name for get code and confirm secret
//'codeAttribute' => 'code'
//Window in time for check authorithation (current +/- window*interval)
//'window' => 0
],
...
]
attachBehavior with dynamic form
// create form or load secret form for each user
$dynamicModel = new yii\base\DynamicModel(['code','secret']);
$dynamicModel->addRule(['code'],'required');
$dynamicModel->addRule(['code'],'string', ['min' => 6]);
$dynamicModel->addRule(['secret'],'string');
// set secret attribute
$dynamicModel->secret = "YOURSECRET";
$dynamicModel->attachBehavior("otp", [
'class' => OtpBehavior::class,
// 'secretAttribute' => "CustomSecretField",
// 'codeAttribute' => "CustomCodeField",
]);
// Load value code attribute
$code = Yii::$app->request->post("code");
$dynamicModel->code = $code;
// Validate otp code and secret attribute
if (!$dynamicModel->validate()) {
var_dump($dynamicModel->errors);
}
Widget for generate init QR-code.
Read more about QrParams in the qrcode-library
<?php
echo $form->field($model, 'secret')->widget(
lsat\otp\widgets\OtpInit::class, [
'component' => 'otp',
// link text
'link' => false,
'QrParams' => [
// pixels width
'size' => 200,
// margin around QR-code
'margin' => 10,
// Path to logo on image
'logo' => Yii::getAlias("@app/web/icon.png"),
// Width logo on image
'logoWidth' => 50,
// RGB color
'foregroundColor' => [0, 0, 0],
// RGB color
'backgroundColor' => [255, 255, 255],
// Qulity of QR: LOW, MEDIUM, HIGHT, QUARTILE
'level' => ErrorCorrectionLevelInterface::HIGH,
// Image format: PNG, JPG, SVG, EPS
'type' => PngWriter::class,
// Locale
'encoding' => 'UTF-8',
// Text on image under QR code
'label' => '',
// by default image create and save at Yii::$app->runtimePath . '/temporaryQR/'
// 'outfile' => '/tmp/'.uniqid(),
// save or delete after generate
'save' => false,
]
])->label(false);
?>