RFC 6238 / TOTP: Time-Based One-Time Password Algorithm
MIT License
PHP implementation of RFC6238 (TOTP: Time-Based One-Time Password Algorithm).
php composer.phar require jp3cki/totp
<?php
declare(strict_types=1);
use jp3cki\totp\Totp;
require_once('vendor/autoload.php');
// Generate new shared-secret key (for each user)
$secret = Totp::generateKey();
echo "secret: {$secret}\n";
echo "\n";
// Make URI for importing from QRCode.
$uri = Totp::createKeyUriForGoogleAuthenticator($secret, '[email protected]', 'Issuer Name');
echo "uri: {$uri}\n";
echo "\n";
// Verify user input
$userInput = '123456'; // $_POST['totp']
$isValid = Totp::verify($userInput, $secret, time());
var_dump($isValid);
Copyright (c) 2015-2024 AIZAWA Hina <[email protected]>
Patches and/or report issues are welcome.
$ make test
$ make check-style
v3.0.0
v2.0.0
Random::generate*()
. Always use random_bytes()
now.