https://github.com/zxc7563598/php-google-authenticator

一个用于生成和验证时间基础一次性密码（TOTP）的 PHP 包，支持 Google Authenticator 及类似应用。功能包括密钥生成、二维码创建和 OTP 验证 | A PHP library for generating and verifying Time-Based One-Time Passwords (TOTP). Compatible with Google Authenticator and similar apps, with features like secret generation, QR code creation, and OTP verification
https://github.com/zxc7563598/php-google-authenticator

2fa authentication composer google-authenticator otp php qr-code security totp

Last synced: 11 months ago
JSON representation

一个用于生成和验证时间基础一次性密码（TOTP）的 PHP 包，支持 Google Authenticator 及类似应用。功能包括密钥生成、二维码创建和 OTP 验证 | A PHP library for generating and verifying Time-Based One-Time Passwords (TOTP). Compatible with Google Authenticator and similar apps, with features like secret generation, QR code creation, and OTP verification

• Host: GitHub
• URL: https://github.com/zxc7563598/php-google-authenticator
• Owner: zxc7563598
• License: mit
• Created: 2025-04-21T03:57:30.000Z (about 1 year ago)
• Default Branch: main
• Last Pushed: 2025-05-27T02:53:25.000Z (about 1 year ago)
• Last Synced: 2025-06-29T09:46:05.426Z (12 months ago)
• Topics: 2fa, authentication, composer, google-authenticator, otp, php, qr-code, security, totp
• Language: PHP
• Homepage:
• Size: 16.6 KB
• Stars: 1
• Watchers: 1
• Forks: 0
• Open Issues: 0
• Metadata Files:
  • Readme: README.md
  • License: LICENSE

Awesome Lists containing this project

README

          
# hejunjie/google-authenticator



  English｜简体中文

  




A PHP library for generating and verifying Time-Based One-Time Passwords (TOTP). Compatible with Google Authenticator and similar apps, with features like secret generation, QR code creation, and OTP verification.

**This project has been parsed by Zread. If you need a quick overview of the project, you can click here to view it：[Understand this project](https://zread.ai/zxc7563598/php-google-authenticator)**

## Purpose & Intention

With the increasing demand for security, more and more websites and applications are adopting two-factor authentication (2FA) to protect user accounts. Google Authenticator is one of the most common 2FA applications, using time-based one-time passwords (TOTP) to ensure security.

During the implementation of Google Authenticator, I found that many PHP libraries on the market are feature-rich but relatively complex. These libraries not only support TOTP authentication but often include additional functionalities such as user management and complicated configuration options. For many developers, these features can be too large, and often, we only need to accomplish a few simple tasks:

- Generate a TOTP secret;

- Generate a QR code for the user to scan;

- Verify the code entered by the user.

Therefore, I created the **`hejunjie/google-authenticator`** library to provide a lightweight and simple solution. If you just need to quickly implement these basic Google Authenticator features, this library should be a great fit for you.

## Installation

Install via Composer:

```bash

composer require hejunjie/google-authenticator

```

## Usage Instructions

### 1. Generate a key for the user

> Generate a secret for the user, which will be required during verification, so it needs to be saved for the user.

```php

use Hejunjie\GoogleAuthenticator\GoogleAuthenticator;

$secret = GoogleAuthenticator::generateSecret();

// Output secret (var_dump)

// string(26) "3PVPN3ASEIM457VR5VNUONDQB4"

```

### 2. Generate a QR code from the key

> Used for Google Authenticator QR code scanning

```php

use Hejunjie\GoogleAuthenticator\GoogleAuthenticator;

$issuer = 'issuer'; // The displayed name in Google Authenticator is 「issuer: label」

$label = 'label'; // The displayed name in Google Authenticator is 「issuer: label」

$secret = "User's Secret"; // You can use a manually set key or a key generated by GoogleAuthenticator::generateSecret()

$path = '/www/wwwroot/xxxxx.png'; // QR code file storage path (with name)

$width = 300; // [Optional] QR code image width, default is 300

$logo = '/www/wwwroot/xxxxx.png'; // [Optional] Logo file path (if no logo is needed, provide an empty string), default is an empty string

$logo_width = 50; // [Optional] QR code image width (if no logo, this is invalid), default is 50

$getQRCodeFile = GoogleAuthenticator::getQRCodeFile($issuer, $label, $secret, $path, $width, $logo, $logo_width);

// Output Image Path (var_dump)

// string(67) "/www/wwwroot/xxxxx.png"

```

### 3. Verify if it's valid

```php

use Hejunjie\GoogleAuthenticator\GoogleAuthenticator;

$secret = "User's Secret";

$code = "Code Entered by the User";

$checkCode = GoogleAuthenticator::checkCode($secret, $code);

// Output Result

// bool(false)

```

## 🔧 Additional Toolkits (Can be used independently or installed together)

This project was originally extracted from [hejunjie/tools](https://github.com/zxc7563598/php-tools).

To install all features in one go, feel free to use the all-in-one package:

```bash

composer require hejunjie/tools

```

Alternatively, feel free to install only the modules you need：

[hejunjie/utils](https://github.com/zxc7563598/php-utils) - A lightweight and practical PHP utility library that offers a collection of commonly used helper functions for files, strings, arrays, and HTTP requests—designed to streamline development and support everyday PHP projects.

[hejunjie/cache](https://github.com/zxc7563598/php-cache) - A layered caching system built with the decorator pattern. Supports combining memory, file, local, and remote caches to improve hit rates and simplify cache logic.

[hejunjie/china-division](https://github.com/zxc7563598/php-china-division) - Regularly updated dataset of China's administrative divisions with ID-card address parsing. Distributed via Composer and versioned for use in forms, validation, and address-related features

[hejunjie/error-log](https://github.com/zxc7563598/php-error-log) - An error logging component using the Chain of Responsibility pattern. Supports multiple output channels like local files, remote APIs, and console logs—ideal for flexible and scalable logging strategies.

[hejunjie/mobile-locator](https://github.com/zxc7563598/php-mobile-locator) - A mobile number lookup library based on Chinese carrier rules. Identifies carriers and regions, suitable for registration checks, user profiling, and data archiving.

[hejunjie/address-parser](https://github.com/zxc7563598/php-address-parser) - An intelligent address parser that extracts name, phone number, ID number, region, and detailed address from unstructured text—perfect for e-commerce, logistics, and CRM systems.

[hejunjie/url-signer](https://github.com/zxc7563598/php-url-signer) - A PHP library for generating URLs with encryption and signature protection—useful for secure resource access and tamper-proof links.

[hejunjie/google-authenticator](https://github.com/zxc7563598/php-google-authenticator) - A PHP library for generating and verifying Time-Based One-Time Passwords (TOTP). Compatible with Google Authenticator and similar apps, with features like secret generation, QR code creation, and OTP verification.

[hejunjie/simple-rule-engine](https://github.com/zxc7563598/php-simple-rule-engine) - A lightweight and flexible PHP rule engine supporting complex conditions and dynamic rule execution—ideal for business logic evaluation and data validation.

👀 All packages follow the principles of being lightweight and practical — designed to save you time and effort. They can be used individually or combined flexibly. Feel free to ⭐ star the project or open an issue anytime!

---

This library will continue to be updated with more practical features. Suggestions and feedback are always welcome — I’ll prioritize new functionality based on community input to help improve development efficiency together.