INTRODUCTION
This is a simple one-time password module for Core Boxx – With a predefined reactions table, library, and API. Plug this one into Core Boxx if you need more security measures.
LICENSE & DOWNLOAD
Core Boxx is released under the MIT License. You are free to use it for personal and commercial projects, and modify it as you see fit. On the condition that the software is provided “as-is”. There are no warranties provided and “no strings attached”. Code Boxx and the authors are not liable for any claims, damages, or liabilities.
Download Core Boxx OTP Module | GitHub | Source Forge
INSTALLATION & REQUIREMENTS
- The user module must be installed first.
- Unzip this module into your existing Core Boxx project folder.
- Import
lib/SQL-Otp.sqlinto your database.
FILES LIST
lib/LIB-Otp.phpThe OTP library.lib/API-otp.phpOTP API endpoint.pages/MAIL-otp.phpThe OTP email template.pages/PAGE-otp-one.php“Step 1” of the OTP process, request for an OTP.pages/PAGE-otp-two.php“Step 2” of the OTP process, enter the OTP for verification.
OTP REFERENCE
OTP TABLE
| Field | Description |
user_email |
Primary key. The user that requested the OTP. |
otp_pass |
The one-time password. |
otp_timestamp |
Time at which the OTP request is made. |
otp_tries |
A number of times the user has entered the wrong OTP. |
OTP LIBRARY FUNCTIONS
Generates OTP and sends it to the user via email.
echo $_CORE->OTP->generate("jon@doe.com");
? "OTP sent to email" : $_CORE->error;Verifies the given OTP.
if ($_CORE->OTP->challenge("jon@doe.com", "123456") {
// PROCEED TO DO YOUR SECURE STUFF
} else { echo $_CORE->error; }
OTP API FUNCTIONS
Accessible at http://yoursite.com/api/otp/REQUEST/. These are pretty much a replica of the above library functions, except in REST API format. Feel free to delete api/API-otp.php if you don’t intend to integrate an API.
Verifies the given OTP.
Generate OTP and send it to the user via email.
$_POST["email"]– String, the user email.
Challenge OTP.
$_POST["email"]– String, the user email.$_POST["pass"]– String, OTP.
