{"id":31577427,"url":"https://github.com/beastbytes/yii-otp","last_synced_at":"2026-03-27T02:17:32.782Z","repository":{"id":287574956,"uuid":"965169869","full_name":"beastbytes/yii-otp","owner":"beastbytes","description":"One Time Passwords (OTP) (HOTP or TOTP algorithm) in Yii3 applications","archived":false,"fork":false,"pushed_at":"2025-10-18T21:04:12.000Z","size":182,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-10-19T09:56:43.411Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"bsd-3-clause","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/beastbytes.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE.md","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2025-04-12T15:10:29.000Z","updated_at":"2025-10-18T21:04:17.000Z","dependencies_parsed_at":"2025-10-18T20:08:39.342Z","dependency_job_id":"45bead5a-5e67-433f-9d84-1cd326cb8036","html_url":"https://github.com/beastbytes/yii-otp","commit_stats":null,"previous_names":["beastbytes/yii-otp"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/beastbytes/yii-otp","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/beastbytes%2Fyii-otp","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/beastbytes%2Fyii-otp/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/beastbytes%2Fyii-otp/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/beastbytes%2Fyii-otp/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/beastbytes","download_url":"https://codeload.github.com/beastbytes/yii-otp/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/beastbytes%2Fyii-otp/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":31009858,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-03-27T01:56:05.093Z","status":"online","status_checked_at":"2026-03-27T02:00:08.055Z","response_time":164,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2025-10-05T18:23:35.898Z","updated_at":"2026-03-27T02:17:32.774Z","avatar_url":"https://github.com/beastbytes.png","language":"PHP","readme":"# BeastBytes Yii OTP\nBeastBytes Yii OTP simplifies integrating Two-Factor Authentication (2FA) using either\n**HOTP** (HMAC One-Time Password - [RFC 4226](https://datatracker.ietf.org/doc/html/rfc4226)) or\n**TOTP** (Time-based One-Time Password - [RFC 6238](https://datatracker.ietf.org/doc/html/rfc6238))\ninto Yii3 applications.\n\n## Requirements\n* PHP 8.2 or higher.\n\n## Installation\n```php\ncomposer require beastbytes/yii-otp\n```\nor add the following to the 'require' section composer.json:\n```json\n\"beastbytes/yii-otp\": \"\u003cversion-contraint\u003e\"\n```\n## Usage\nThe application interacts with either \u003ccode\u003eHtopService\u003c/code\u003e or \u003ccode\u003eTotpService\u003c/code\u003e.\n\n**NOTE:** Code examples show only the core functionality; they do not show dependency injections, support methods, etc.\n\n### Configuration\nThe default configuration is for **TOTP** and is compatible with authenticator apps such as \nGoogle Authenticator, Aegis, etc.\n\n### Enable OTP\n```php\n// Otp Controller\npublic function enable(\n    CurrentUser $currentUser,\n    FormHydrator $formHydrator,\n    ServerRequestInterface $request,\n): ResponseInterface\n{\n    $formModel = new OtpForm($this-\u003eotpService);\n    \n    if ($formHydrator-\u003epopulateFromPostAndValidate($formModel, $request)) {\n        $this-\u003eredirct('ShowBackupCodes');\n    }\n    \n    ['qrCode', 'secret'] = $this-\u003eotpService-\u003ecreateOtp($currentUser-\u003egetId());\n    \n    return $this-\u003eviewRenderer-\u003erender(\n        'enable2faView',\n        [\n            'formModel' =\u003e $formModel,\n            'qrCode' =\u003e $qrCode,\n            'secret' =\u003e $secret,\n        ]   \n    );    \n}\n```\n\n```php\n// enable OTP View\n\u003cp\u003eEither scan the QR Code or manually enter the \u003cabbr title='Two\u0026hyphen;Factor Authentication'\u003e2FA\u003c/abbr\u003e code into\n    your 2FA app, then enter the \u003cabbr title='One\u0026hyphen;Time Password'\u003e OTP\u003c/abbr\u003e code generated by the app.\u003c/p\u003e\n\u003cimg src=\"\u003c?=$qrCode?\u003e\" alt=\"QR Code\" height=\"400px\" width=\"400px\" /\u003e\n\u003cdiv\u003e2FA Code\u003c/div\u003e\n\u003cdiv\u003e\u003c?= $secret ?\u003e\u003c/div\u003e\n\u003c?= $form\n    -\u003epost($url)\n    -\u003ecsrf($csrf)\n    -\u003eopen()\n; ?\u003e\n\u003c?= Field::text($formModel, 'code') ?\u003e\n\u003c?= Field::submitButton('Verify') ?\u003e\n\u003c?= $form-\u003eclose() ?\u003e\n```\n\n### Verify TOTP\n\n```php\n// Otp Controller\npublic function verify(\n    CurrentUser $currentUser,\n    FormHydrator $formHydrator,\n    ServerRequestInterface $request,\n): ResponseInterface\n{\n    $formModel = new OtpForm($this-\u003eotpService, true);\n    \n    if ($formHydrator-\u003epopulateFromPostAndValidate($formModel, $request)) {\n        $this-\u003eredirct('verified');\n    }\n    \n    return $this-\u003eviewRenderer-\u003erender(\n        'enable2faView',\n        [\n            'formModel' =\u003e $formModel,\n        ]   \n    );    \n}\n```\n\n```php\n// Verify OTP View\n\u003c?= $form\n    -\u003epost($url)\n    -\u003ecsrf($csrf)\n    -\u003eopen()\n; ?\u003e\n\u003c?= Field::text($formModel, 'code') ?\u003e\n\u003c?= Field::submitButton('Verify') ?\u003e\n\u003c?= $form-\u003eclose() ?\u003e\n```\n\n### OTPForm\n```php\nfinal class OtpForm extends FormModel\n{\n    private string $otpCode = '';\n    \n    public function __construct(\n        private readonly OtpServiceInterface $otpService, \n        private readonly bool $allowBackupCode = false\n    )\n    {        \n    }\n\n    public function getRules(): array\n    {\n        return [\n            'otpCode' =\u003e [\n                new Required(),\n                new Regex(($this-\u003eallowBackupCode ? '/.+/' : '/\\d{3}\\s?\\d{3}/')),\n                new Callback(\n                    callback: function (): Result {\n                        $result = new Result();\n\n                        if (!$this-\u003eotpService-\u003everify(str_replace(' ', '', $this-\u003eotpCode))) {\n                            $result-\u003eaddError('Invalid Code');\n                        }\n\n                        return $result;\n                    },\n                ),\n            ]\n        ];\n    }\n}\n```","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbeastbytes%2Fyii-otp","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fbeastbytes%2Fyii-otp","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fbeastbytes%2Fyii-otp/lists"}