A library for generating a two-factor authentication QR code to use with Google Authenticator, Authy, etc.
QR code creation is secure because the QR code is generated locally on your server. The user's secret is never passed to a third party or remote server in order to generate the code. This was inspired by a Stack Overflow answer by kravietz.
composer require mincdev/php-otpauth
This library requires the tc-lib-barcode library found at https://github.com/tecnickcom/tc-lib-barcode.
Note: The tc-lib-barcode library is maintained and owned by a separate entity.
You can generate a QR code that can be scanned by Google Authenticator, Authy, etc. using the code below.
$otpAuth = new OtpAuthenticator();
$userName = "MrDoe";
$appName = "My Awesome App";
// Store this secret somewhere safe, as you'll need it to validate the pin later
$userSecret = $otpAuth->newSecret();
$qrBase64 = $otpAuth->getQR($userName, $appName, $userSecret);
Once your user logs in, you can validate their PIN as follows:
$otpAuth = new OtpAuthenticator();
// $userSecret is the secret stored at enrollment; $pinCode is the code the user typed in
$isValid = $otpAuth->validate($userSecret, $pinCode);
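
What the QR code carries and what a PIN check computes, as an added stand-alone example (not code from php-otpauth and not its API). It assumes the standard RFC 6238 parameters (HMAC-SHA1, 6 digits, 30-second step) and a one-step drift window, none of which the page states; the function names are hypothetical and the secret is the RFC 6238 test key.

```php
<?php
// Added illustration, not php-otpauth code. Assumes RFC 6238 defaults (HMAC-SHA1,
// 6 digits, 30 s step) and a +/-1 step window; the page states none of these.

// Decode an RFC 4648 base32 secret to raw key bytes.
function base32Decode(string $b32): string {
    $alphabet = 'ABCDEFGHIJKLMNOPQRSTUVWXYZ234567';
    $b32 = strtoupper(rtrim($b32, '='));
    $bits = '';
    for ($i = 0; $i < strlen($b32); $i++) {
        $pos = strpos($alphabet, $b32[$i]);
        if ($pos === false) {
            throw new InvalidArgumentException('invalid base32 character');
        }
        $bits .= str_pad(decbin($pos), 5, '0', STR_PAD_LEFT);
    }
    $out = '';
    foreach (str_split($bits, 8) as $chunk) {
        if (strlen($chunk) === 8) {            // ignore trailing padding bits
            $out .= chr(bindec($chunk));
        }
    }
    return $out;
}

// Code for the time step containing $timestamp (RFC 6238 over RFC 4226 truncation).
function totp(string $secretB32, int $timestamp, int $step = 30, int $digits = 6): string {
    $counter = pack('J', intdiv($timestamp, $step));      // 8-byte big-endian counter
    $hmac = hash_hmac('sha1', $counter, base32Decode($secretB32), true);
    $offset = ord($hmac[19]) & 0x0F;
    $bin = unpack('N', substr($hmac, $offset, 4))[1] & 0x7FFFFFFF;
    return str_pad((string) ($bin % (10 ** $digits)), $digits, '0', STR_PAD_LEFT);
}

// Accept the current step and $window steps either side to tolerate clock drift.
function verifyTotp(string $secretB32, string $pin, int $now, int $window = 1, int $step = 30): bool {
    $ok = false;
    for ($i = -$window; $i <= $window; $i++) {
        // hash_equals is constant-time; every candidate is checked, no early exit
        $ok = hash_equals(totp($secretB32, $now + $i * $step, $step), $pin) || $ok;
    }
    return $ok;
}

// Constructed sample: the RFC 6238 test key "12345678901234567890" in base32.
$secret = 'GEZDGNBVGY3TQOJQGEZDGNBVGY3TQOJQ';
// The provisioning URI a QR code encodes; note the secret travels in clear text.
echo 'otpauth://totp/' . rawurlencode('My Awesome App:MrDoe') . '?secret=' . $secret
    . '&issuer=' . rawurlencode('My Awesome App'), PHP_EOL;
var_dump(totp($secret, 59), verifyTotp($secret, '287082', 59), verifyTotp($secret, '000000', 59));
```

Because the URI contains the secret itself, whatever renders the QR image sees the secret, which is why local generation matters. A production verifier should also record the last accepted time step per user and refuse a code for a step it has already accepted.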