MFA Client
PHP class to enable multi-factor authentication for a web app.
Related projects:
Requirements
- PHP 8 (up to PHP 8.4)
- A PHP application with simple user-based protection, e.g. basic authentication.
- A running MFA server instance
Installation
Get source
Go to the web application vendor directory.
Clone this repository.
git clone <repo url>
Configuration
The files are in the subdir src:
cd mfa-client/src
Copy mfaconfig.php.dist to mfaconfig.php.
Open the MFA server admin and create a new web app. You get an id and a secret for your application.
In the config, enter the URL of the API, the id and the secret.
<?php
return [
"api" => "https://mfa.example.com/api/",
"appid" => "c1cabd22fbdb698861ad08b27de7399a",
"shared_secret" => "p9wjjXSewZq0VkM1t5Sm3ZbI4ATEVetU",
"debug" => false,
];
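A pre-deployment check for the mfaconfig.php described above, as an added example that is not part of the mfa-client project: it flags a non-HTTPS API URL, the sample appid and shared_secret printed in this README, debug left on, and a world-readable config file. The function name checkMfaConfig and the script name are hypothetical; only the four config keys come from the README.

```php
<?php
// Added example, not part of mfa-client. checkMfaConfig() is a hypothetical helper;
// only the keys api, appid, shared_secret and debug come from the README.
function checkMfaConfig(array $cfg, ?int $fileMode = null): array
{
    $problems = [];
    foreach (['api', 'appid', 'shared_secret'] as $key) {
        if (!isset($cfg[$key]) || !is_string($cfg[$key]) || trim($cfg[$key]) === '') {
            $problems[] = "missing or empty '$key'";
        }
    }
    // The API endpoint should only be reached over TLS.
    $api = $cfg['api'] ?? '';
    if (is_string($api) && $api !== '' && strtolower((string) parse_url($api, PHP_URL_SCHEME)) !== 'https') {
        $problems[] = "'api' is not an https:// URL";
    }
    // Values printed in the README are public; they must not be used as real credentials.
    $samples = ['c1cabd22fbdb698861ad08b27de7399a', 'p9wjjXSewZq0VkM1t5Sm3ZbI4ATEVetU'];
    foreach (['appid', 'shared_secret'] as $key) {
        if (in_array($cfg[$key] ?? null, $samples, true)) {
            $problems[] = "'$key' still holds the README sample value";
        }
    }
    // Assumption: debug output is unwanted on a production system.
    if (($cfg['debug'] ?? false) !== false) {
        $problems[] = "'debug' is not false";
    }
    // A world-readable file exposes the shared secret to every local account.
    if ($fileMode !== null && ($fileMode & 0004) !== 0) {
        $problems[] = sprintf('file is world-readable (mode %04o)', $fileMode & 0777);
    }
    return $problems;
}

if (PHP_SAPI === 'cli' && isset($argv[1])) {
    // Usage: php check-mfaconfig.php /path/to/mfaconfig.php (script name is hypothetical)
    $cfg = is_file($argv[1]) ? (require $argv[1]) : null;
    $problems = is_array($cfg) ? checkMfaConfig($cfg, fileperms($argv[1])) : ['config missing or not an array'];
} else {
    // Constructed sample: README values over plain http, debug on, file mode 0644.
    $problems = checkMfaConfig([
        'api' => 'http://mfa.example.com/api/', 'debug' => true,
        'appid' => 'c1cabd22fbdb698861ad08b27de7399a', 'shared_secret' => 'p9wjjXSewZq0VkM1t5Sm3ZbI4ATEVetU',
    ], 0100644);
}
foreach ($problems as $p) { echo "FAIL: $p\n"; }
exit($problems ? 1 : 0);
```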
Enable MFA
Activate MFA after logon
This step depends on your code. You need to find a good place to embed the MFA process.
<?php
// ...
// enable MFA:
include "<APPROOT>/vendor/mfa-client/src/mfa-ensure.php";
// ...
Give access to user settings on mfa server
After a logged-in user solves an MFA challenge, they are sent back to the application. You should offer the user a link that jumps to the MFA server so they can edit their own settings there.
A good place is the user profile page in your app.
📌 Example:
<?php
// ...
// load class
require "<APPROOT>/vendor/mfa-client/mfaclient.class.php";
// initialize client
$oMfa = new mfaclient();
// $oMfa->debug(true);
// set the user
$oMfa->setUser($this->getUserid());
// show a button; set a complete url where to jump back
echo $oMfa->getButtonSetup(
"<button>MFA settings</button>",
"https://myapp.example.com/profile"
);
// ...