Last active
August 29, 2015 13:58
-
-
Save AntoineAugusti/10384791 to your computer and use it in GitHub Desktop.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| <?php | |
| session_start(); | |
| // Include vendor autoload | |
| include 'vendor/autoload.php'; | |
| // Your website name, or URL. It will be displayed in Google Authenticator | |
| define("WEBSITE_URL", 'exampleWebsite'); | |
| // The username of the user | |
| $username = "username"; | |
| $ht = new HOTPass(); | |
| // Generate a secret key for the user. You'll have to store it in your database | |
| // For this example we generate only a secret key. The secret key will be the same when you will refresh this page because we want to verify that the current code given is the same as the one on your phone | |
| echo "<h2>The secret key</h2>"; | |
| if (empty($_SESSION['secretKey'])) { | |
| $secretKey = $ht->userRandomKey(); | |
| $_SESSION['secretKey'] = $secretKey; | |
| } | |
| else | |
| $secretKey = $_SESSION['secretKey']; | |
| echo $secretKey; | |
| // Generate the QR-code. The user will have to scan it from the Google Authenticator app | |
| echo "<h2>The QR-code</h2>"; | |
| echo "<img src=".$ht->getQRcodeURL($username, WEBSITE_URL, $secretKey)." />"; | |
| // You will have to call this method with the user's secret key to have the current right key | |
| // Remember: a new key is generated every 30 seconds | |
| echo "<h2>The current code</h2>"; | |
| $currentCode = $ht->generate($secretKey, 30); | |
| echo $currentCode; | |
| ?> |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment