https://github.com/grimpirate/halberd

A TOTP (Time-Based One-Time Password) Two-Factor Authentication Module for codeigniter4/shield
https://github.com/grimpirate/halberd

authentication codeigniter4 totp

Last synced: 9 months ago
JSON representation

A TOTP (Time-Based One-Time Password) Two-Factor Authentication Module for codeigniter4/shield

• Host: GitHub
• URL: https://github.com/grimpirate/halberd
• Owner: grimpirate
• License: mit
• Created: 2023-02-23T15:07:07.000Z (almost 3 years ago)
• Default Branch: develop
• Last Pushed: 2025-01-02T19:04:02.000Z (about 1 year ago)
• Last Synced: 2025-03-25T19:51:12.990Z (10 months ago)
• Topics: authentication, codeigniter4, totp
• Language: PHP
• Homepage: https://github.com/grimpirate/halberd
• Size: 3.78 MB
• Stars: 7
• Watchers: 3
• Forks: 2
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# Halberd

A TOTP (Time-Based One-Time Password) Two-Factor Authentication Module for [codeigniter4/shield](https://github.com/codeigniter4/shield)

## Installation

Project should have a stability level of dev

```

composer config minimum-stability dev

composer config prefer-stable true

composer require grimpirate/halberd:dev-develop

```

## Configuration

The TOTP authenticator class must be added to the Config/Auth file

```

...

class Auth extends BaseConfig

{

  ...

  public array $authenticators = [

    'tokens'  => AccessTokens::class,

    'session' => Session::class,

    'hmac'    => HmacSha256::class,

    // 'jwt'     => JWT::class,

    'totp'    => \GrimPirate\Halberd\Authentication\Authenticators\TOTP::class,

  ];

  ...

```

A spark command is provided to finalize installation. It will use [codeigniter4/settings](https://github.com/codeigniter4/settings) to set up the configuration for: Auth.views, Auth.actions, TOTP.issuer and TOTP.stylesheet

```

php spark halberd:ini

```

The dependency [pragmarx/google2fa](https://github.com/antonioribeiro/google2fa?tab=readme-ov-file#server-time) requires that your server time be accurately synchronized (via NTP or some other means). CodeIgniter's [appTimezone](https://github.com/codeigniter4/CodeIgniter4/blob/655bd1de0c460b0e1353d2ead8ecff956ac08ccc/app/Config/App.php#L136) will not affect OTP generation.

The QR Code will not be visible without creating a stylesheet and applying some basic styles, for instance

```

svg

{

  width: 100%;

  height: 240px;

  fill-rule: evenodd;

}

```