# Google2FA ## Google Two-Factor Authentication for PHP Google2FA is a PHP implementation of the Google Two-Factor Authentication Module, supporting the HMAC-Based One-time Password (HOTP) algorithm specified in [RFC 4226](https://tools.ietf.org/html/rfc4226) and the Time-based One-time Password (TOTP) algorithm specified in [RFC 6238](https://tools.ietf.org/html/rfc6238). ---
--- ## Menu - [Version Compatibility](#version-compatibility) - [Google Two-Factor Authentication for PHP](#google-two-factor-authentication-for-php) - [Laravel bridge](#laravel-bridge) - [Demos, Example & Playground](#demos-example--playground) - [Requirements](#requirements) - [Installing](#installing) - [Usage](#usage) - [How To Generate And Use Two Factor Authentication](#how-to-generate-and-use-two-factor-authentication) - [Generating QRCodes](#generating-qrcodes) - [QR Code Packages](#qr-code-packages) - [Examples of Usage](#examples-of-usage) - [HMAC Algorithms](#hmac-algorithms) - [Server Time](#server-time) - [Validation Window](#validation-window) - [Using a Bigger and Prefixing the Secret Key](#using-a-bigger-and-prefixing-the-secret-key) - [Google Authenticator secret key compatibility](#google-authenticator-secret-key-compatibility) - [Google Authenticator Apps](#google-authenticator-apps) - [Deprecation Warning](#deprecation-warning) - [Testing](#testing) - [Authors](#authors) - [License](#license) - [Contributing](#contributing) ## Version Compatibility PHP | Google2FA :--------|:---------- 5.4 | 7.x LTS 5.5 | 7.x LTS 5.6 | 7.x LTS 7.1 | 8.x 7.2 | 8.x 7.3 | 8.x 7.4 | 8.x 8.0 (β) | 8.x ## Laravel bridge This package is agnostic, but there's a [Laravel bridge](https://github.com/antonioribeiro/google2fa-laravel). ## About QRCode generation This package does not generate QRCodes for 2FA. If you are looking for Google Two-Factor Authentication, but also need to generate QRCode for it, you can use the [Google2FA QRCode package](https://github.com/antonioribeiro/google2fa-qrcode), which integrates this package and also generates QRCodes using the BaconQRCode library, or check options on how to do it yourself [here in the docs](#qr-code-packages). ## Demos, Example & Playground Please check the [Google2FA Package Playground](http://pragmarx.com/playground/google2fa). ![playground](docs/playground.jpg) Here's an demo app showing how to use Google2FA: [google2fa-example](https://github.com/antonioribeiro/google2fa-example). You can scan the QR code on [this (old) demo page](https://antoniocarlosribeiro.com/technology/google2fa) with a Google Authenticator app and view the code changing (almost) in real time. ## Requirements - PHP 7.1 or greater ## Installing Use Composer to install it: composer require pragmarx/google2fa To generate inline QRCodes, you'll need to install a QR code generator, e.g. [BaconQrCode](https://github.com/Bacon/BaconQrCode): composer require bacon/bacon-qr-code ## Usage ### Instantiate it directly ```php use PragmaRX\Google2FA\Google2FA; $google2fa = new Google2FA(); return $google2fa->generateSecretKey(); ``` ## How To Generate And Use Two Factor Authentication Generate a secret key for your user and save it: ```php $user->google2fa_secret = $google2fa->generateSecretKey(); ``` ## Generating QRCodes The securer way of creating QRCode is to do it yourself or using a library. First you have to install a QR code generator e.g. BaconQrCode, as stated above, then you just have to generate the QR code url using: ```php $qrCodeUrl = $google2fa->getQRCodeUrl( $companyName, $companyEmail, $secretKey ); ``` Once you have the QR code url, you can feed it to your preferred QR code generator. ```php // Use your own QR Code generator to generate a data URL: $google2fa_url = custom_generate_qrcode_url($qrCodeUrl); /// and in your view: ``` And to verify, you just have to: ```php $secret = $request->input('secret'); $valid = $google2fa->verifyKey($user->google2fa_secret, $secret); ``` ## QR Code Packages This package suggests the use of [Bacon/QRCode](https://github.com/Bacon/BaconQrCode) because it is known as a good QR Code package, but you can use it with any other package, for instance [Google2FA QRCode](https://github.com/antonioribeiro/google2fa-qrcode), [Simple QrCode](https://www.simplesoftware.io/docs/simple-qrcode) or [Endroid QR Code](https://github.com/endroid/qr-code), all of them use [Bacon/QRCode](https://github.com/Bacon/BaconQrCode) to produce QR Codes. Usually you'll need a 2FA URL, so you just have to use the URL generator: ```php $google2fa->getQRCodeUrl($companyName, $companyEmail, $secretKey) ``` ## Examples of Usage ### [Google2FA QRCode](https://github.com/antonioribeiro/google2fa-qrcode) Get a QRCode to be used inline: ```php $google2fa = (new \PragmaRX\Google2FAQRCode\Google2FA()); $inlineUrl = $google2fa->getQRCodeInline( 'Company Name', 'company@email.com', $google2fa->generateSecretKey() ); ``` And use in your template: ```php ``` ### [Simple QrCode](https://www.simplesoftware.io/docs/simple-qrcode) ```phpScan me to return to the original page.
Scan me to return to the original page.