PHP Setting up Google Authenticator to Realize Two-Step Verification of Operations

Time:2019-10-9

Instructions:After opening the two-step verification of Google’s login (that is, the Google Authenticator service), users need to enter an additional one-time password generated by the mobile client when they log in. Implementing Google Authenticator requires support from both the server and the client. The server side is responsible for generating the key and verifying whether the one-time password is correct. The client records the key and generates a one-time password.

Download the Google Verification Class Library file and place it in the right place for the project (I put it under the project Vender here)

https://github.com/PHPGangsta/GoogleAuthenticator

PHP code example:

 

// Introducing Google Verifier Class
vendor('googleAuth.GoogleAuthenticator-master.PHPGangsta.GoogleAuthenticator');
$ga = new \PHPGangsta_GoogleAuthenticator();

// This is the generated key, unique to each user, which is saved for authentication by the user.
$secret = $ga->createSecret();
//echo $secret;

// To generate a two-dimensional code, the content is a URI address (otpauth://totp/account? Secret = key & issuer = title)
$qrCodeUrl = $ga->getQRCodeGoogleUrl('luokakale', $secret, 'googleVerify');
//echo  $qrCodeUrl;

 

The two-dimensional code address generated above can be put into the IMG tag of the web page. The example diagram is shown as follows:

 

Next, the client Google validates the APP scanner binding and then verifies the PHP code example.

// Introducing Google Verifier Class
vendor('googleAuth.GoogleAuthenticator-master.PHPGangsta.GoogleAuthenticator');
$ga = new \PHPGangsta_GoogleAuthenticator();

// Here are the validation parameters
$code = $_GET ['code']; // The corresponding validation code in Google Validation App submitted by the customer

// The user binds the unique key generated by Google Validation
$secret = 'VO2WA6NG3XZZEU4E';

// Verify that the authentication code submitted by the user is correct
$checkResult = $ga->verifyCode($secret, $code, 1); 

if ($checkResult) {
    echo 'SUCCESS';
} else {
    echo 'FAILED';
}

Validation success means customer-bound Google validation success. The Google Validation can be used in various scenarios such as customer login payment personal settings.

 

This article is the original content. In order to respect the work of others, please indicate the address of this article.

 

https://www.cnblogs.com/luokakale/p/11384838.html