Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 1 | <!doctype html> |
| 2 | <html> |
| 3 | <head> |
| 4 | <title>Demo</title> |
| 5 | </head> |
| 6 | <body> |
| 7 | <ol> |
| 8 | <?php |
Matthias Andreas Benkard | 1ba5381 | 2022-12-27 17:32:58 +0100 | [diff] [blame^] | 9 | // in practice you would require the composer loader if it was not already part of your framework or project |
| 10 | spl_autoload_register(function ($className) { |
| 11 | include_once str_replace(array('RobThree\\Auth', '\\'), array(__DIR__.'/../lib', '/'), $className) . '.php'; |
| 12 | }); |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 13 | |
Matthias Andreas Benkard | 1ba5381 | 2022-12-27 17:32:58 +0100 | [diff] [blame^] | 14 | // substitute your company or app name here |
| 15 | $tfa = new RobThree\Auth\TwoFactorAuth('RobThree TwoFactorAuth'); |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 16 | ?> |
Matthias Andreas Benkard | 1ba5381 | 2022-12-27 17:32:58 +0100 | [diff] [blame^] | 17 | <li>First create a secret and associate it with a user</li> |
| 18 | <?php |
| 19 | $secret = $tfa->createSecret(); |
| 20 | ?> |
| 21 | <li> |
| 22 | Next create a QR code and let the user scan it:<br> |
| 23 | <img src="<?php echo $tfa->getQRCodeImageAsDataUri('Demo', $secret); ?>"><br> |
| 24 | ...or display the secret to the user for manual entry: |
| 25 | <?php echo chunk_split($secret, 4, ' '); ?> |
| 26 | </li> |
| 27 | <?php |
| 28 | $code = $tfa->getCode($secret); |
| 29 | ?> |
| 30 | <li>Next, have the user verify the code; at this time the code displayed by a 2FA-app would be: <span style="color:#00c"><?php echo $code; ?></span> (but that changes periodically)</li> |
| 31 | <li>When the code checks out, 2FA can be / is enabled; store (encrypted?) secret with user and have the user verify a code each time a new session is started.</li> |
| 32 | <li> |
| 33 | When the aforementioned code (<?php echo $code; ?>) was entered, the result would be: |
| 34 | <?php if ($tfa->verifyCode($secret, $code) === true) { ?> |
| 35 | <span style="color:#0c0">OK</span> |
| 36 | <?php } else { ?> |
| 37 | <span style="color:#c00">FAIL</span> |
| 38 | <?php } ?> |
| 39 | </li> |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 40 | </ol> |
| 41 | <p>Note: Make sure your server time is <a href="http://en.wikipedia.org/wiki/Network_Time_Protocol">NTP-synced</a>! Depending on the $discrepancy allowed, your time cannot drift too much from the users' time!</p> |
| 42 | <?php |
Matthias Andreas Benkard | 1ba5381 | 2022-12-27 17:32:58 +0100 | [diff] [blame^] | 43 | try { |
| 44 | $tfa->ensureCorrectTime(); |
| 45 | echo "Your host's time seems to be correct / within margin";
| 46 | } catch (RobThree\Auth\TwoFactorAuthException $ex) {
| 47 | echo "<b>Warning:</b> Your host's time seems to be off: " . htmlspecialchars($ex->getMessage());
| 48 | } |
Matthias Andreas Benkard | b382b10 | 2021-01-02 15:32:21 +0100 | [diff] [blame] | 49 | ?> |
| 50 | </body> |
| 51 | </html> |
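
The NTP note in the demo concerns the verification window: a code is accepted only if it matches a timeslice within the allowed discrepancy of the server's clock. The following is an added, standalone RFC 6238 example of that check, not part of this demo file or the library's code; the function names are hypothetical, and it assumes HMAC-SHA1, 6 digits and a 30-second period.

```php
<?php
// Added example: standalone RFC 6238 TOTP; function names are hypothetical, not the library's.

function base32Decode(string $b32): string
{
    $bits = '';
    foreach (str_split(strtoupper(rtrim($b32, '='))) as $ch) {
        $idx = strpos('ABCDEFGHIJKLMNOPQRSTUVWXYZ234567', $ch);
        if ($idx === false) {
            throw new InvalidArgumentException('Invalid base32 character');
        }
        $bits .= str_pad(decbin($idx), 5, '0', STR_PAD_LEFT);
    }
    $out = '';
    foreach (str_split($bits, 8) as $byte) {
        if (strlen($byte) === 8) { // ignore trailing padding bits
            $out .= chr(bindec($byte));
        }
    }
    return $out;
}

function totp(string $key, int $time, int $period = 30, int $digits = 6): string
{
    $counter = pack('J', intdiv($time, $period)); // timeslice as 64-bit big-endian
    $hash = hash_hmac('sha1', $counter, $key, true);
    $offset = ord($hash[19]) & 0x0f; // dynamic truncation, RFC 4226
    $value = unpack('N', substr($hash, $offset, 4))[1] & 0x7fffffff;
    return str_pad((string) ($value % (10 ** $digits)), $digits, '0', STR_PAD_LEFT);
}

// Accept the code if it matches any timeslice within +/- $discrepancy of server time.
function verifyTotp(string $key, string $code, int $serverTime, int $discrepancy = 1, int $period = 30): bool
{
    $ok = false;
    for ($i = -$discrepancy; $i <= $discrepancy; $i++) {
        // hash_equals() compares in constant time; no early exit from the loop
        $ok = hash_equals(totp($key, $serverTime + $i * $period, $period), $code) || $ok;
    }
    return $ok;
}

// Constructed sample: the RFC 6238 SHA-1 test key "12345678901234567890" in base32.
$key = base32Decode('GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ');
$userTime = 1111111109;        // clock on the user's device
$code = totp($key, $userTime); // what the authenticator app would show
var_dump(verifyTotp($key, $code, $userTime + 20));    // server 1 slice ahead, window of 1
var_dump(verifyTotp($key, $code, $userTime + 90));    // server 3 slices ahead, window of 1
var_dump(verifyTotp($key, $code, $userTime + 90, 3)); // same drift, window of 3
```

A wider window tolerates more drift but lengthens the time a captured code stays valid, so keeping the server clock synced is preferable to raising the discrepancy.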