Core Boxx – One Time Password Module

TABLE OF CONTENTS

 

DOWNLOAD & INSTALLATION

First, the download links for the module, and also “installation instructions”.

 

LICENSE & DOWNLOAD

GitHubSource Forge

Core Boxx is released under the MIT License. You are free to use it for personal and commercial projects, and modify it as you see fit. On the condition that the software is provided “as-is”. There are no warranties provided and “no strings attached”. Code Boxx and the authors are not liable for any claims, damages, or liabilities.

 

INSTALLATION

  • Install the user’s module first.
  • Copy/unzip this module into your existing Core Boxx project folder.
  • Access http://your-site.com/otp/1 for the demo.

 

SORRY FOR THE ADS...

But someone has to pay the bills, and sponsors are paying for it. I insist on not turning Code Boxx into a "paid scripts" business, and I don't "block people with Adblock". Every little bit of support helps.

Buy Me A Coffee Code Boxx eBooks

 

 

FILES LIST

LIBRARIES

  • lib/LIB-OTP.php The OTP library.

API

  • lib/API-otp.php OTP API endpoint.

ASSETS & PAGES

  • pages/PAGE-otp-1.php “Step 1” of the OTP process, request for an OTP.
  • pages/PAGE-otp-2.php “Step 2” of the OTP process, enter the OTP for verification.
  • pages/MAIL-otp.php The OTP email template.

 

DEVELOPMENT NOTES

  • Complete MAIL-otp.php, create your own “nice email”.
  • You can also tweak $_CORE->OTP->generate() to send out an SMS.
  • Complete $_CORE->OTP->challenge() – What happens when there are too many strikes? Warn the user? Lock the account? Freeze transaction?

 

 

LIBRARY REFERENCE

Lastly, the list of library functions and API endpoints.

 

OTP LIBRARY FUNCTIONS

generate ($email)

Generates OTP and sends it to the user via email.

echo $_CORE->OTP->generate("jon@doe.com");
 ? "OTP sent to email" : $_CORE->error;
challenge ($email, $pass)

Verifies the given OTP.

if ($_CORE->OTP->challenge("jon@doe.com", "123456") {
  // PROCEED TO DO YOUR SECURE STUFF
} else { echo $_CORE->error; }

 

OTP API FUNCTIONS

api/otp/generate/

Verifies the given OTP.

Generate OTP and send it to the user via email.

  • $_POST["email"] – String, the user email.
api/otp/challenge/

Challenge OTP.

  • $_POST["email"] – String, the user email.
  • $_POST["pass"] – String, OTP.