Google Authenticator gets a new wave of interest from the web community, trying to put an extra layer on top of user authentication process. There’s a plethora of plugins and components that let you authenticate with Google, but most of them aim to OAuth and Google+ integration. Two-step auth gets aside.
I took few hours on research for the simple 2FA library available on the net and found TwoFactorAuth that already support Google URI QR-codes, that can be easily embedded into any framework/application running on PHP.
CakePHP3.x Integration
With few minor modifications it nicely got integrated into CakePHP 3.x framework. If you’re using CakePHP 3.x, you can install ‘develop’ branch, of CakeDC/Users plugin, and enable two-factor authentication with few minor modifications.
<?php //config/app.php or any other config file that suites your app Configure::write('GoogleAuthenticator.login', true); /* some other custom configs you might need 'GoogleAuthenticator' => [ //enable Google Authenticator 'login' => false, 'issuer' => null, // The number of digits the resulting codes will be 'digits' => 6, // The number of seconds a code will be valid 'period' => 30, // The algorithm used 'algorithm' => 'sha1', // QR-code provider (more on this later) 'qrcodeprovider' => null, // Random Number Generator provider (more on this later) 'rngprovider' => null, // Key used for encrypting the user credentials, leave this false to use Security.salt 'encryptionKey' => false ], */ ?>
When you enable it the CakeDC/Users Google Authenticator feature, upon ‘/login’ you will ll be redirected to ‘/verify’, where you should insert your verification code from the mobile app (Google Authenticator for Android).
If you’re already sharing a secret key with the website/app, you won’t have to synchronize an app with it. Otherwise, you’ll have to scan it first, as it’s described in the documentation. QR-code will appear on the ‘/verify’ action of the app.
UPD: CakeDC/Users has upgraded the plugin to 4.x version, which enables Google Authenticator in the master repo.