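<!doctype html>
<html>
<head>
<title>Demo</title>
</head>
<body>
<ol>
<?php
// Demo walk-through of TOTP enrolment with RobThree\Auth\TwoFactorAuth:
// create a secret, present it as a QR code or text, compute the current code,
// and verify it. This page prints the secret and the expected code purely for
// illustration; a real application only ever verifies what the user submits.
require_once 'loader.php';
Loader::register('../lib','RobThree\\Auth');

use \RobThree\Auth\TwoFactorAuth;

// 'MyApp' is passed as the first constructor argument; presumably the issuer
// name shown in the authenticator app (TODO confirm against the library).
$tfa = new TwoFactorAuth('MyApp');

echo '<li>First create a secret and associate it with a user';
$secret = $tfa->createSecret(160);  // Though the default is an 80 bits secret (for backwards compatibility reasons) we recommend creating 160+ bits secrets (see RFC 4226 - Algorithm Requirements)

// NOTE(review): depending on the library version and configuration, the
// default QR provider may fetch the image from a remote service, which would
// disclose the label and the secret to that service. Confirm which provider
// is in use and prefer one that renders the image locally.
echo '<li>Next create a QR code and let the user scan it:<br><img src="' . $tfa->getQRCodeImageAsDataUri('My label', $secret) . '"><br>...or display the secret to the user for manual entry: ' . chunk_split($secret, 4, ' ');

// Demo only: the server computes the code here so that the page can show it.
$code = $tfa->getCode($secret);
echo '<li>Next, have the user verify the code; at this time the code displayed by a 2FA-app would be: <span style="color:#00c">' . $code . '</span> (but that changes periodically)';

// The secret is a long-lived credential: anyone who can read it can generate
// valid codes, so it should be protected at rest like a password-equivalent.
echo '<li>When the code checks out, 2FA can be / is enabled; store (encrypted?) secret with user and have the user verify a code each time a new session is started.';

// NOTE(review): a code presumably stays acceptable for the whole allowed time
// window; a production verifier should rate-limit attempts and refuse a code
// that has already been accepted - confirm what the library offers for this.
echo '<li>When aforementioned code (' . $code . ') was entered, the result would be: ' . (($tfa->verifyCode($secret, $code) === true) ? '<span style="color:#0c0">OK</span>' : '<span style="color:#c00">FAIL</span>');
?>
</ol>
<p>Note: Make sure your server-time is <a href="http://en.wikipedia.org/wiki/Network_Time_Protocol">NTP-synced</a>! Depending on the $discrepancy allowed your time cannot drift too much from the users' time!</p>
<?php
// Time check: ensureCorrectTime() signals a host clock outside the accepted
// margin by throwing TwoFactorAuthException, which is reported as a warning.
try {
    $tfa->ensureCorrectTime();
    echo 'Your hosts time seems to be correct / within margin';
} catch (RobThree\Auth\TwoFactorAuthException $ex) {
    // The message is library-generated text written into HTML, so it is
    // encoded for the HTML context rather than echoed raw.
    echo '<b>Warning:</b> Your hosts time seems to be off: ' . htmlspecialchars($ex->getMessage(), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}
?>
</body>
</html>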