infoburp/yii2-otp

基于RFC 4226/6238(HOTP/TOTP算法)生成一次性密码和身份验证小部件的YII2扩展

维护者

详细信息

github.com/infoburp/yii2-otp

源代码

问题

安装次数: 429

依赖项: 1

建议者: 0

安全性: 0

星级: 0

关注者: 1

分支: 6

开放问题: 0

类型:yii2-extension

1.0.3 2017-10-10 20:33 UTC

Requires

LGPL-3.0 025677a3bbe45c42005f21870d45cc24b959ab9b

  • Semen Dubina <yii2-otp.woop@sam002.net>
  • Graeme Wolfendale <gwolfendale.woop@gmail.com>

Authenticationtwo-factorotphotptotpyii22faTwo-factor Authentication

This package is not auto-updated.

Last update: 2024-09-18 03:54:55 UTC

README

Code Climate SensioLabsInsight

Latest Version Software License

根据RFC 4226 (HOTP算法) 和RFC 6238 (TOTP算法) 生成的YII2扩展一次性密码

安装

安装此扩展的首选方法是通过 composer

运行以下命令:

composer require infoburp/yii2-otp:~0.1.1

或者添加以下内容到您应用程序的 composer.json 文件的require部分。

"infoburp/yii2-otp" : "~0.1.1"

用法

安装扩展后,您需要设置auth client collection应用程序组件

配置

<?php
use infoburp\otp\Otp;

...

'components' => [
    'otp' => [
        'class' => 'Otp',
        // 'totp' only now
        'algorithm' => infoburp\otp\Collection::ALGORITHM_TOTP
        
        // length of code
        'digits' => 6,
        
        //  Algorithm for hashing
        'digets' => 'sha1',
        
        // Lable of application
        'lable' => 'yii2-otp',
        
        // Uri to image (application icon)
        'imgLabelUrl' => Yii::to('/icon.png'),
        
        // Betwen 8 and 1024
        'secretLength' => 64
        'interval'
    ],
...
]

添加行为 添加任何用于存储安全代码的模型列。//我的情况:使用双因素认证

<?php
use infoburp\otp\behaviors\OtpBehavior;

...

'behavior' => [
    'otp' => [
        'class' => OtpBehavior::className(),
        // Component name
        'component' => 'otp',
        
        // column|property name for get and set secure phrase
        //'secretAttribute' => 'secret'
        
        //Window in time for check authorithation (current +/- window*interval) 
        //'window' => 0
    ],
...
]

小部件使用 用于生成初始二维码的小部件

use infoburp\otp\widgets\OtpInit;

<?php echo $form->field($model, 'otpSecret')->widget(
                    OtpInit::className() ,[
                        'component'=>'otp',
                        
                        // link text
                        'link' => 'ADD OTP BY LINK',
                        
                        'QrParams' => [
                            // pixels per cell
                            'size' => 3,
                            
                            // margin around QR-code
                            'margin' => 5,
                            
                            // by default image create and save at Yii::$app->runtimePath . '/temporaryQR/'
                            'outfile' => '/tmp/'.uniqid(),
                            
                            // save or delete after generate
                            'save' => false,
                        ]
                ]); ?>

验证。附加示例

// login view
<?php
            ...
            <?php echo $form->field($model, 'username') ?>
            <?php echo $form->field($model, 'otp')->passwordInput() ?>
            ...

// login form model
<?php
     /**
     * Validates the OTP.
     */
    public function validateOtp()
    {
        if (!$this->hasErrors()) {
            $user = $this->getUser();
            if (!$user || !$user->validateOtpSecret($this->otp)) {
                $this->addError('otp', Yii::t('common', 'Incorrect code.'));
            }
        }
    }

更多信息

鸣谢

许可证

GPLv3许可证。有关更多信息,请参阅许可证文件