/**
 * Render the two-factor settings page for the selected user.
 *
 * The QR code URL and the key URI are built only when two-factor is already
 * activated on the account; otherwise both template values are empty strings.
 *
 * NOTE(review): for an activated account, every view of this page discloses
 * the stored TOTP secret again (inside the QR URL and the key URI). Confirm
 * that checkCurrentUser() limits the page to the account owner, and consider
 * showing the secret only during enrolment.
 * NOTE(review): if getQrCodeUrl() returns a remote chart-service URL, the
 * browser sends the secret to that third party when it loads the image.
 * Confirm against the library version in use.
 *
 * @access public
 */
public function index()
{
    $user = $this->getUser();
    $this->checkCurrentUser($user);

    // Authenticator label: the e-mail address when set, otherwise the username.
    $label = $user['email'] ?: $user['username'];

    $qrcode_url = '';
    $key_url = '';

    if ($user['twofactor_activated'] == 1) {
        $qrcode_url = GoogleAuthenticator::getQrCodeUrl('totp', $label, $user['twofactor_secret']);
        $key_url = GoogleAuthenticator::getKeyUri('totp', $label, $user['twofactor_secret']);
    }

    $values = array(
        'user' => $user,
        'qrcode_url' => $qrcode_url,
        'key_url' => $key_url,
    );

    $this->response->html($this->layout('twofactor/index', $values));
}
/**
 * Begin TOTP enrolment: create a fresh secret, park it in the session and
 * return the QR code URL that encodes it.
 *
 * NOTE(review): the secret is held only in $_SESSION['user']['totp_secret']
 * here. Presumably a later step verifies a code against it before it is
 * persisted to the account; confirm that step exists.
 *
 * @return string QR code URL as returned by GoogleAuthenticator::getQrCodeUrl()
 */
public function totp()
{
    $generated = GoogleAuthenticator::generateRandom();
    $_SESSION['user']['totp_secret'] = $generated;

    // Label shown in the authenticator app: fixed application name plus username.
    $label = 'GESTCOM CRIDIP ' . $this->username;

    return GoogleAuthenticator::getQrCodeUrl('totp', $label, $generated);
}
/**
 * Show the two-step enrolment form to an authenticated user.
 *
 * Unauthenticated visitors are redirected to the login route. For everyone
 * else a new secret is generated and handed to the view together with the QR
 * code URL that encodes it.
 *
 * NOTE(review): the secret is not stored server-side in this method; it is
 * only passed to the view. If the form posts it back to 'twostep.store', that
 * handler should treat the value as client-controlled and require a valid
 * code before persisting it. Confirm against the store action.
 */
public function enable()
{
    if (!Auth::check()) {
        return Redirect::to('login');
    }

    $secret = GoogleAuthenticator::generateRandom();

    // Label format: "<url-encoded application name>:<user e-mail>".
    $appName = urlencode(Config::get('login::nombreapplicacion'));
    $label = $appName . ':' . Auth::user()->email;
    $qrUrl = GoogleAuthenticator::getQrCodeUrl('totp', $label, $secret);

    $view = View::make('login::login');
    $view = $view->with('route', 'twostep.store');
    $view = $view->with('mainPartial', 'twoStepEnablePartial');
    $view = $view->with('footerPartial', 'twoStepPartialEnableFooter');
    $view = $view->with('qr', $qrUrl);

    return $view->with('secret', $secret);
}
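/**
 * Tests getQrCodeUrl
 *
 * The label literal is 'user@host.com': every expected URL below carries it
 * URL-encoded as "user%40host.com", so a masked label can never match.
 *
 * The expected values also document a property worth knowing when deploying
 * this helper: the returned URL points at chart.googleapis.com and carries the
 * OTP secret in its query string, so rendering it as an <img> sends the secret
 * to that host and may leave it in browser history and proxy logs.
 */
public function testGetQrCodeUrl()
{
    $secret = 'MEP3EYVA6XNFNVNM'; // testing secret
    $label = 'user@host.com';

    // Standard totp case
    $this->assertEquals(
        'https://chart.googleapis.com/chart?chs=200x200&cht=qr&chld=M|0&chl=otpauth%3A%2F%2Ftotp%2Fuser%40host.com%3Fsecret%3DMEP3EYVA6XNFNVNM',
        GoogleAuthenticator::getQrCodeUrl('totp', $label, $secret)
    );

    // hotp (include a counter)
    $this->assertEquals(
        'https://chart.googleapis.com/chart?chs=200x200&cht=qr&chld=M|0&chl=otpauth%3A%2F%2Fhotp%2Fuser%40host.com%3Fsecret%3DMEP3EYVA6XNFNVNM%26counter%3D1234',
        GoogleAuthenticator::getQrCodeUrl('hotp', $label, $secret, 1234)
    );

    // totp, this time with a parameter for changing the size of the QR
    $this->assertEquals(
        'https://chart.googleapis.com/chart?chs=300x300&cht=qr&chld=M|0&chl=otpauth%3A%2F%2Ftotp%2Fuser%40host.com%3Fsecret%3DMEP3EYVA6XNFNVNM',
        GoogleAuthenticator::getQrCodeUrl('totp', $label, $secret, null, array('height' => 300, 'width' => 300))
    );
}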
/**
 * View: two-factor authentication enrolment.
 *
 * Users whose totp_key is already set are sent back to their profile with an
 * error. Otherwise a new secret is generated, stored in the session under
 * 'secret', and the enrolment view is rendered with the QR code URL.
 *
 * NOTE(review): the pending secret lives only in the session here. Presumably
 * a follow-up action verifies a code before copying it to totp_key; confirm.
 */
public function totp()
{
    $account = $this->auth->user();

    // Loose comparison kept on purpose: a null totp_key counts as "not set".
    if ($account->totp_key != '') {
        return redirect(url('profil'))->with('error', 'L\'authentification à 2 facteurs est déjà activer');
    }

    $pendingSecret = GoogleAuthenticator::generateRandom();

    // Label shown in the authenticator app: "<site name> - <user name>".
    $siteName = env('SITE_NAME', 'AltisPan');
    $label = $siteName . ' - ' . $account->name;
    $qrCodeUrl = GoogleAuthenticator::getQrCodeUrl('totp', $label, $pendingSecret);

    Session::put('secret', $pendingSecret);

    return view('users.totp', ['qrcode' => $qrCodeUrl]);
}
use ORM, Otp\GoogleAuthenticator;

// POST /ajax/account/totp: generate a new TOTP secret for the current user,
// save it on the user's row and answer with an HTML fragment holding the QR
// code, the secret in plain text and a form for the verification code.
$klein->respond('POST', '/ajax/account/totp', function ($request, $response) use($core) {
    /*
     * Generate the TOTP secret and write it to the account straight away.
     *
     * NOTE(review): the secret is saved before any code has been verified.
     * If this row's totp_secret is also what login checks against, a call to
     * this endpoint replaces a working secret on an account that already has
     * TOTP enabled. Confirm whether a separate "enabled" flag gates its use,
     * or store the pending secret elsewhere until verification succeeds.
     */
    $secret = GoogleAuthenticator::generateRandom();
    $account = ORM::forTable('users')->findOne($core->user->getData('id'));
    $account->totp_secret = $secret;
    $account->save();

    /*
     * Build the response fragment by string concatenation.
     *
     * NOTE(review): the QR URL is placed in an <img src> attribute without
     * HTML escaping. The URL is derived from the user's e-mail address, so
     * wrapping it in htmlspecialchars() would be the defensive choice; confirm
     * how the library encodes the label.
     * NOTE(review): if getQrCodeUrl() returns a remote chart-service URL, the
     * browser sends the secret to that third party when it loads the image.
     * Confirm against the library version in use.
     */
    $response->body(
        '<div class="row" id="notice_box_totp" style="display:none;"></div> <div class="row"> <div class="col-md-6"> <center><img src="'
        . GoogleAuthenticator::getQrCodeUrl('totp', $core->user->getData('email'), $secret)
        . '" /><br /><br /><code>'
        . $secret
        . '</code></center> </div> <div class="col-md-6"> <div class="alert alert-info">Please verify your TOTP settings by scanning the QR Code to the right with your phone\'s authenticator application, and then enter the 6 number code generated by the application in the box below. Press the enter key when finished.</div> <form action="#" method="post" id="totp_token_verify"> <div class="form-group"> <label class="control-label" for="totp_token">TOTP Token</label> <input class="form-control" type="text" id="totp_token" style="" /> </div> '
        // Output of the project's XSRF() helper, embedded in the form as-is.
        . $core->auth->XSRF()
        . ' </form> </div> </div>'
    )->send();
});

// POST /ajax/account/totp/verify: the handler body continues beyond this excerpt.
$klein->respond('POST', '/ajax/account/totp/verify', function ($request, $response) use($core) { // Responding with body rather than a flash since this is an AJAX request.
/**
 * Build the QR code URL for the secret held by this object.
 *
 * Returns an empty string when no secret is set, so callers can render the
 * result unconditionally. The URL encodes the secret itself and should be
 * handled like the secret.
 *
 * @access public
 * @param  string $label  Account label shown in the authenticator app
 * @return string         QR code URL, or '' when $this->secret is empty
 */
public function getQrCodeUrl($label)
{
    return empty($this->secret)
        ? ''
        : GoogleAuthenticator::getQrCodeUrl('totp', $label, $this->secret);
}
/**
 * Build the QR code URL for the secret held by this object, tagging it with
 * the configured issuer.
 *
 * Returns an empty string when no secret is set. The URL encodes the secret
 * itself and should be handled like the secret.
 *
 * @access public
 * @param  string $label  Account label shown in the authenticator app
 * @return string         QR code URL, or '' when $this->secret is empty
 */
public function getQrCodeUrl($label)
{
    $url = '';

    if (!empty($this->secret)) {
        // TOTP_ISSUER is a constant defined outside this method.
        $settings = array('issuer' => TOTP_ISSUER);
        $url = GoogleAuthenticator::getQrCodeUrl('totp', $label, $this->secret, null, $settings);
    }

    return $url;
}
use Base32\Base32;

// Obtain the shared secret: reuse the one kept in the session when present,
// otherwise fall back to a placeholder that fails the length check below.
// DON'T use sessions as storage for this in production!!!
// (In a real deployment the secret belongs with the user's credentials in
// server-side storage; the session is used here only to keep the sample short.)
$secret = isset($_SESSION['otpsecret']) ? $_SESSION['otpsecret'] : 0;

// Any value that is not exactly 16 characters long is replaced by a freshly
// generated secret, which is then remembered for the following requests.
if (strlen($secret) != 16) {
    $secret = GoogleAuthenticator::generateRandom();
    $_SESSION['otpsecret'] = $secret;
}

// The secret is stored as a Base32 string because that is easy to keep around.
// Computing a TOTP needs the decoded form, so it is decoded at the point of use.
$otp = new Otp();
$currentTotp = $otp->totp(Base32::decode($secret));

// Both values embed the secret; they are meant to be shown once, at enrolment.
$qrCode = GoogleAuthenticator::getQrCodeUrl('totp', 'otpsample@cr', $secret);
$keyUri = GoogleAuthenticator::getKeyUri('totp', 'otpsample@cr', $secret);
?> <html> <head> <title>One Time Passwords Example</title> </head> <body> <h1>One Time Passwords Example</h1> Secret is <?php echo $secret; ?> . This is saved with the users credentials. <br />
/**
 * Thin wrapper that forwards to GoogleAuthenticator::getQrCodeUrl().
 *
 * NOTE(review): $realm is passed as the library call's first argument.
 * Presumably that position expects the OTP type (e.g. 'totp' or 'hotp')
 * rather than a realm; confirm against the library signature.
 *
 * @param  string $realm   Forwarded unchanged as the first argument
 * @param  string $label   Account label shown in the authenticator app
 * @param  string $secret  Shared OTP secret; it ends up inside the returned URL
 * @return string          Whatever the library call returns
 */
public function getQrCodeUrl($realm, $label, $secret)
{
    $url = GoogleAuthenticator::getQrCodeUrl($realm, $label, $secret);

    return $url;
}