PHPackages darlinkster/yii2-mfa - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. darlinkster/yii2-mfa ActiveYii2-extension[Authentication & Authorization](/categories/authentication) darlinkster/yii2-mfa ==================== Multi-factor authentication for yii2 1.0.5(9mo ago)035BSD-3-ClausePHPPHP >=7.1|>=8.0 Since Sep 22Pushed 9mo agoCompare [ Source](https://github.com/Darlinkster/yii2-mfa)[ Packagist](https://packagist.org/packages/darlinkster/yii2-mfa)[ RSS](/packages/darlinkster-yii2-mfa/feed)WikiDiscussions master Synced 3w ago READMEChangelog (4)Dependencies (3)Versions (5)Used By (0) Yii2 MFA ======== [](#yii2-mfa) [![Latest Stable Version](https://camo.githubusercontent.com/0f455234bd13193a6950c47abd949c84178953429f4867b3fe517e756086a603/68747470733a2f2f706f7365722e707567782e6f72672f6461726c696e6b737465722f796969322d6d66612f762f737461626c65)](https://packagist.org/packages/darlinkster/yii2-mfa)[![Total Downloads](https://camo.githubusercontent.com/60d500400be47761fcf95226173e4fd07cc8121073b9255c64f557ac43fd2487/68747470733a2f2f706f7365722e707567782e6f72672f6461726c696e6b737465722f796969322d6d66612f646f776e6c6f616473)](https://packagist.org/packages/darlinkster/yii2-mfa)[![Yii2](https://camo.githubusercontent.com/d6b0929173e28cc627430d2519ca1853466a70f37395877eaf4820cb3e1e1909/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f506f77657265645f62792d5969695f4672616d65776f726b2d677265656e2e7376673f7374796c653d666c6174)](http://www.yiiframework.com/) About it -------- [](#about-it) An extension support implementing multi factor authenticate base [vxm/yii2-mfa](https://github.com/vuongxuongminh/yii2-mfa) on and [Spomky-Labs/otphp](https://github.com/Spomky-Labs/otphp) wrapper for Yii2 user component. Requirements ------------ [](#requirements) - [PHP >=7.1|>=8.0](http://php.net) - [yiisoft/yii2 >= 2.0.13](https://github.com/yiisoft/yii2) Installation ------------ [](#installation) Require Yii2 MFA using [Composer](https://getcomposer.org): ``` composer require darlinkster/yii2-mfa ``` Usage ----- [](#usage) ### App config [](#app-config) ``` 'components' => [ 'user' => [ 'as mfa' => [ 'class' => 'vxm\mfa\Behavior', 'verifyUrl' => 'site/mfa-verify' // verify action, see bellow for setup it ] ], ] ``` ### Identity implementing [](#identity-implementing) When use it, your identity class must be implementing `vxm\mfa\IdentityInterface` this interface extends from `yii\web\IdentityInterface`add `getMfaSecretKey()` and `getIsMfaEnabled()`, this method return a mfa key of an identity use for generate and validate otp or return null if mfa disabled on an identity. ``` use yii\db\ActiveRecord; use vxm\mfa\IdentityInterface; /** * @property bool $is_mfa_enabled * @property string $mfa_secret * @mixin \vxm\mfa\Behavior */ class User extends ActiveRecord implements IdentityInterface { public function getMfaSecretKey() { return $this->mfa_secret; } public function getIsMfaEnabled() { return $this->is_mfa_enabled && $this->mfa_secret; } } ``` ### Verify action config [](#verify-action-config) This action use to redirect user when user login and need to be verify mfa otp. Config it in to `actions` method of your `controller` ``` public function actions() { return [ 'mfa-verify' => [ 'class' => 'vxm\mfa\VerifyAction', 'viewFile' => 'mfa-verify', // the name of view file use to render view. If not set an action id will be use, in this case is `mfa-verify` 'formVar' => 'model', // the name of variable use to parse [[\vxm\mfa\OtpForm]] object to view file. 'retry' => true, // allow user retry when type wrong otp 'successCallback' => [$this, 'mfaPassed'], // callable call when user type valid otp if not set [[yii\web\Controller::goBack()]] will be call. 'invalidCallback' => [$this, 'mfaOtpInvalid'], // callable call when user type wrong otp if not set and property `retry` is false [[yii\web\User::loginRequired()]] will be call, it should be use for set flash notice to user. 'retry' => true, // allow user retry when type wrong otp ] ]; } ``` After setup verify action, you need create a view (mfa-verify) in this view have a variable `model` is instance of `vxm\mfa\OtpForm` use to create a form submit an otp ```