Core Boxx – One Time Password Module

TABLE OF CONTENTS

 

DOWNLOAD & INSTALLATION

First, the download links for the module, and also “installation instructions”.

 

LICENSE & DOWNLOAD

Core Boxx is released under the MIT License. You are free to use it for personal and commercial projects, and modify it as you see fit. On the condition that the software is provided “as-is”. There are no warranties provided and “no strings attached”. Code Boxx and the authors are not liable for any claims, damages, or liabilities.

Download Core Boxx OTP Module | GitHubSource Forge

 

INSTALLATION & REQUIREMENTS

  • Install the “main” Core Boxx and the user module first.
  • Unzip this module into your existing Core Boxx project folder.
  • Access http://site.com/otp/1 for the demo.

 

 

FILES LIST

LIBRARIES

  • lib/LIB-Otp.php The OTP library.

API

  • lib/API-otp.php OTP API endpoint.

ASSETS & PAGES

  • pages/PAGE-otp-one.php “Step 1” of the OTP process, request for an OTP.
  • pages/PAGE-otp-two.php “Step 2” of the OTP process, enter the OTP for verification.
  • pages/MAIL-otp.php The OTP email template.

 

DEVELOPMENT NOTES

  • Complete $_CORE->OTP->generate() and MAIL-otp.php, create your own “nice email”.
  • You can also tweak $_CORE->OTP->generate() to send out an SMS.
  • Complete $_CORE->OTP->challenge() – What happens when there are too many strikes? Warn the user? Lock the account?

 

 

LIBRARY REFERENCE

Lastly, the list of library functions and API endpoints.

 

OTP LIBRARY FUNCTIONS

generate($email)

Generates OTP and sends it to the user via email.

echo $_CORE->OTP->generate("jon@doe.com");
 ? "OTP sent to email" : $_CORE->error;
challenge($email, $pass)

Verifies the given OTP.

if ($_CORE->OTP->challenge("jon@doe.com", "123456") {
  // PROCEED TO DO YOUR SECURE STUFF
} else { echo $_CORE->error; }

 

OTP API FUNCTIONS

api/otp/generate/

Verifies the given OTP.

Generate OTP and send it to the user via email.

  • $_POST["email"] – String, the user email.
api/otp/challenge/

Challenge OTP.

  • $_POST["email"] – String, the user email.
  • $_POST["pass"] – String, OTP.

 

Leave a Comment

Your email address will not be published. Required fields are marked *