PHPackages destruidorpt/laravel-sqrl-auth - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. destruidorpt/laravel-sqrl-auth ActiveLibrary[Authentication & Authorization](/categories/authentication) destruidorpt/laravel-sqrl-auth ============================== Package for Authentication between Laravel and SQRL v1.0.1(5y ago)179471MITPHPPHP >=7.2 Since Jan 12Pushed 5y ago2 watchersCompare [ Source](https://github.com/DestruidorPT/laravel-sqrl-auth)[ Packagist](https://packagist.org/packages/destruidorpt/laravel-sqrl-auth)[ RSS](/packages/destruidorpt-laravel-sqrl-auth/feed)WikiDiscussions master Synced 2d ago READMEChangelog (2)Dependencies (2)Versions (3)Used By (0) Laravel SQRL Authentication [![](https://camo.githubusercontent.com/c5a0ce6945d8da08f4a0c7296f5e53d8df82ee105ecc5006c6437475d5b7bbd2/68747470733a2f2f7371726c2e6772632e636f6d2f696d6167652f313030783130302532305351524c2532304c6f676f2e706e67)](https://camo.githubusercontent.com/c5a0ce6945d8da08f4a0c7296f5e53d8df82ee105ecc5006c6437475d5b7bbd2/68747470733a2f2f7371726c2e6772632e636f6d2f696d6167652f313030783130302532305351524c2532304c6f676f2e706e67) ============================================================================================================================================================================================================================================================================================================================================================================================================================================================= [](#laravel-sqrl-authentication-) [![Issues](https://camo.githubusercontent.com/389131316fc4ee88719de1d825de2911ffbeb84cbf79fb76c74cae435071f137/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6973737565732f44657374727569646f7250542f6c61726176656c2d7371726c2d617574683f7374796c653d666c6174)](https://github.com/DestruidorPT/laravel-sqrl-auth/issues)[![Stars](https://camo.githubusercontent.com/da21a2390e3f0f73fcca53091a247d3cf7bd63cbea498ef37eb0f31a69af9ce5/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f73746172732f44657374727569646f7250542f6c61726176656c2d7371726c2d617574683f7374796c653d666c6174)](https://github.com/DestruidorPT/laravel-sqrl-auth/stargazers)[![License](https://camo.githubusercontent.com/80931aca6f2a8988215bfa62742eed5d88a363b2423329acdc220b2d8874f25b/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f44657374727569646f7250542f6c61726176656c2d7371726c2d617574683f7374796c653d666c6174)](https://github.com/DestruidorPT/laravel-sqrl-auth/blob/master/LICENSE) - [Introduction](#introduction) - [SQRL versions supported](#sqrl-versions-supported) - [Requirements](#requirements) - [Installation](#installation) - [Configure Log System](#configure-log-system) - [Details to get the project working with full functionality](#details-to-get-the-project-working-with-full-functionality) - [SQRL Authentication](#sqrl-authentication) - [SQRL Question](#sqrl-question) - [IP Address Verification](#ip-address-verification) - [SQRL Disabled](#sqrl-disabled) - [SQRL Only Allowed](#sqrl-only-allowed) - [SQRL Hardlock](#sqrl-hardlock) - [Example Instalation](#example-instalation) - [Classes And Data](#classes-and-data) - [Sqrl\_nonce](#sqrl_nonce-destruidorptlaravelsqrlauthappsqrl_nonce) - [Sqrl\_pubkey](#sqrl_pubkey-destruidorptlaravelsqrlauthappsqrl_pubkey) - [Functions Availables](#functions-availables) - [SQRLController](#sqrlcontroller-destruidorptlaravelsqrlauthapphttpcontrollerssqrlsqrlcontroller) - [Function to Generate Authenticated Nonce](#function-to-generate-authenticated-nonce) - [Function to Generate Question Nonce](#function-to-generate-question-nonce) - [Function to Check If User Can Auth By Normal Login](#function-to-check-if-user-can-auth-by-normal-login) - [Function to Check If User Can Use Recover Password](#function-to-check-if-user-can-use-recover-password) - [Function to Check If User Can Auth By SQRL](#function-to-check-if-user-can-auth-by-sqrl) - [Function to Check If The Nonce Is Ready](#function-to-check-if-the-nonce-is-ready) - [Function to Get User By Original Nonce If Can Be Authenticated](#function-to-get-user-by-original-nonce-if-can-be-authenticated) - [SQRLControllerAPI](#sqrlcontrollerapi-destruidorptlaravelsqrlauthapphttpcontrollerssqrlsqrlcontrollerapi) - [API Function to SQRL](#api-function-to-sqrl) - [API Function to Check If The Nonce Is Ready](#api-function-to-check-if-the-nonce-is-ready) - [Installation and Demo Video](#installation-and-demo-video) - [Contacts](#contacts) Introduction ============ [](#introduction) SQRL(Secure, Quick, Reliable Login) is a draft open standard for anonymous and secure user identification and authentication to websites and web applications, designed to eliminate username and password authentication to remote websites. Users need only to provide one password to unlock their signing keys, which are stored locally on their device and never disclosed to any website. The password is verified locally on the device that stores the signing keys. Laravel is a free, open-source PHP web framework, created by Taylor Otwell and intended for the development of web applications following the model–view–controller (MVC) architectural pattern and based on Symfony. One of the features of Laravel is a modular packaging system with a dedicated dependency manager. The following project consists of a laravel module designed to integrate SQRL authentication system to any laravel project. SQRL versions supported ======================= [](#sqrl-versions-supported) List of SQRL versions supported in this package and the features that were developed. - [SQRL version 1](#sqrl-version-1) We recommend reading these documents: - [SQRL Explained](https://www.grc.com/sqrl/sqrl_explained.pdf) - [SQRL Operating](https://www.grc.com/sqrl/sqrl_operating_details.pdf) - [SQRL Cryptography](https://www.grc.com/sqrl/sqrl_cryptography.pdf) - [SQRL On The Wire (Strongly Recommended)](https://www.grc.com/sqrl/sqrl_on_the_wire.pdf) SQRL version 1 -------------- [](#sqrl-version-1) - [SQRL Authentication](#sqrl-authentication); - [SQRL Question](#sqrl-question) (Make question by SQRL features); - [IP Address Verification](#ip-address-verification); - [SQRL Disabled](#sqrl-disable) (Disable all SQRL on User Account, if SQRL Client says so); - [SQRL Only Allowed](#sqrl-only-allowed) (Block any normal login and allow only by SQRL Authentication, if SQRL Client says so); - [SQRL Hardlock](#sqrl-hardlock) (Block any type of recory password or account, if SQRL Client says so); Requirements ============ [](#requirements) - PHP >= 7.2.0 - Laravel >= 6.0.0 Installation ============ [](#installation) You can check the installation process here to [Installation and Demo Video](#installation-and-demo-video). First, install laravel , and make sure that the database connection settings are correct. ``` composer require destruidorpt/laravel-sqrl-auth ``` Then run this command to create the necessary tables: ``` php artisan migrate ``` Add the following lines to this file `.env`. ``` APP_URL=https://sqrl.test # This one already exists in the .env file is the URL of your aplicacion SQRL_KEY_DOMAIN=sqrl.test # URL to yours SQRL Server without http:// and https:// SQRL_ROUTE_TO_SQRL_AUTH=/api/sqrl # Route to SQRL Server API, it must be pointed to the controller `SQRLControllerAPI` in the function `sqrl()` SQRL_URL_LOGIN=https://sqrl.test/login # URL to your login page SQRL_NONCE_MAX_AGE_MINUTES=5 # Max age in minutes of the valid nonce SQRL_NONCE_SALT=RANDOM # Generate a random salt value to calculate the nonce ``` Verify that the csrf token is not being verified in the route configured in `SQRL_ROUTE_TO_SQRL_AUTH` (file `.env`), can be disabled in `app/Http/Middleware/VerifyCsrfToken.php` with the variable `$except` by adding the information in SQRL\_ROUTE\_TO\_SQRL\_AUTH. (If it's not disabled, the SQRL Client will not be able to communicate with the SQRL Server). The next step is to copy the routes below to `routes/api.php` and past the route in the `SQRL_ROUTE_TO_SQRL_AUTH` (file `.env`) in this case, below the route the value will be `SQRL_ROUTE_TO_SQRL_AUTH=/api/sqrl`. ``` Route::group(['namespace'=>'\DestruidorPT\LaravelSQRLAuth\App\Http\Controllers'], function() { Route::post('/sqrl', 'SQRL\SQRLControllerAPI@sqrl'); # Route of API SQRL }); ``` Currently Laravel has a limitation for API calls per user, if your Laravel project locks API calls, consider tinkering with the following file: ``` App\Http\Kernel.php ``` And edit in `$middlewareGroups` the value `throttle:60,1` of `api`, if you don t want to laravel lock the API calls comment `throttle:60,1`. ``` protected $middlewareGroups = [ 'api' => [ 'throttle:60,1', #edit this value 'bindings', ], ]; ``` ### Important notice when developing the project, SQRL is only ready to work with https, which means you must have the certificates working. [](#important-notice-when-developing-the-project-sqrl-is-only-ready-to-work-with-https-which-means-you-must-have-the-certificates-working) Configure Log System ==================== [](#configure-log-system) This configuration is optional, but strongly recommended for debug purposes in case of any problems. If you want to register or log the information between SQRL server and the SQRL client, this is good for debug purposes, follow the steps below. Put the code below in the file `config\logging.php` on the array `channels`, this will separate the log file per day. ``` 'LaravelSQRLAuth' => [ 'driver' => 'daily', 'path' => storage_path('logs/LaravelSQRLAuth/' . date('Y/m/') . 'sqrl.log'), // add dynamic folder structure 'level' => 'debug', 'days' => 31, // set the maximum number of days in a month ] ``` Details to get the project working with full functionality ========================================================== [](#details-to-get-the-project-working-with-full-functionality) Here we will talk about how to apply all the available features gradually, in case you do not understand, you always have the [Example Instalation](#example-instalation) chapter and there you can install the example and see how it was implemented while being able to see the SQRL working. It will be divided into following parts: - [SQRL Authentication](#sqrl-authentication) - [SQRL Question](#sqrl-question) - [IP Address Verification](#ip-address-verification) - [SQRL Disabled](#sqrl-disable) - [SQRL Only Allowed](#sqrl-only-allowed) - [SQRL Hardlock](#sqrl-hardlock) ### SQRL Authentication [](#sqrl-authentication) This is the functionality to authenticate users to the site. First step, create a nonce for the authenticate user and send it to your login view, like the code below: ``` return view('LaravelSQRLAuthExemples.login', SQRLController::getNewAuthNonce()); ``` More details in [Function to Generate Authenticated Nonce](#function-to-generate-authenticated-nonce). Second step, check if you have the code below in `routes/api.php`, this will be the route to communicate to the SQRL Server and to check if the nonce is authenticated. ``` Route::group(['namespace'=>'\DestruidorPT\LaravelSQRLAuth\App\Http\Controllers'], function() { Route::get('/sqrl', 'SQRL\SQRLControllerAPI@checkIfisReady'); # Route to check if the nonce is verified Route::post('/sqrl', 'SQRL\SQRLControllerAPI@sqrl'); # Route of API SQRL }); ``` More details in [API Function to SQRL](#api-function-to-sqrl) and in [API Function to Check If is Ready the Nonce](#api-function-to-check-if-is-ready-the-nonce). Third step, put the code exemple below anywhere in your login page , this will be the link and the QR Code for the user to use with the SQRL Client. ``` {!! QrCode::size(100)->generate($url_login_sqrl); !!} ``` More details about [QR Code Generator](https://www.simplesoftware.io/simple-qrcode/). Fourth step, copy the script to your html page, this will verify if the next page is ready by the nonce value, it will check every 500 milliseconds (Recommend changing the value). ``` var syncQuery = window.XMLHttpRequest ? new window.XMLHttpRequest() : new ActiveXObject('MSXML2.XMLHTTP.3.0'); var url = '{{$check_state_on}}'; // the location of the SQRL server var newSync, lastSync, encodedSqrlUrl = false, sqrlScheme = true; var gifProbe = new Image(); // create an instance of a memory-based probe image var localhostRoot = 'http://localhost:25519/'; // the SQRL client listener gifProbe.onload = function() { // define our load-success function sqrlScheme = false; // prevent retriggering of the SQRL QR code. document.location.href = localhostRoot + encodedSqrlUrl; }; gifProbe.onerror = function() { // define our load-failure function setTimeout( function(){ gifProbe.src = localhostRoot + Date.now() + '.gif'; }, 250 ); } function pollForNextPage() { if (document.hidden) { // before probing for any page change, we check to setTimeout(pollForNextPage, 5000); // see whether the page is visible. If the user is return; // not viewing the page, check again in 5 seconds. } syncQuery.open( 'GET', url); // the page is visible, so let's check for any update syncQuery.onreadystatechange = function() { if ( syncQuery.readyState === 4 ) { if ( syncQuery.status === 200 ) { console.log(syncQuery.response); var response = JSON.parse(syncQuery.response); if(response.isReady == true) { document.location.href = response.nextPage; } else { if(response.msg === "Time out, reload nonce!" || response.msg === "IP Doesnt Match!" || response.msg === "SQRL is disable for this user!") { console.log(response.msg); var div = document.getElementById("ErroMessage"); div.innerHTML = response.msg+" Reload The Page and try again! If you want to Authenticate by SQRL"; div.removeAttribute("hidden"); } else { setTimeout(pollForNextPage, 500); // next check in 500 milliseconds } } } else { setTimeout(pollForNextPage, 500); // next check in 500 milliseconds } } }; syncQuery.send(); // initiate the query to the 'sync.txt' object. }; function sqrlLinkClick(e) { encodedSqrlUrl = e.getAttribute('encoded-sqrl-url'); // if we have an encoded URL to jump to, initiate our GIF probing before jumping if ( encodedSqrlUrl ) { gifProbe.onerror(); }; // trigger the initial image probe query } pollForNextPage(); ``` Fifth step, is to put this code: ``` if(isset($_GET["nut"]) && !empty($_GET["nut"])) { // Check if the nut exist or if it's past on URL https://site.test?nut= $object = SQRLController::getUserByOriginalNonceIfCanBeAuthenticated($_GET["nut"]); //Get the user by the original nonce if(isset($object)) { //Will be null if the nonce expired or is invalid if($object instanceof Sqrl_pubkey) { // This only happen when no SQRL Client is associated to the user, then Sqrl_pubkey from SQRL CLient is returned //new user return view('LaravelSQRLAuthExemples.newsqrl');//View for the user to create account or associate to one already created } else if($object > 0) { //This happen when SQRL Client is associated to a user, so the value is number and is the id of the user Auth::loginUsingId($object); //This is for authenticate the user with that id } } } ``` on the function was pointed in the variable `SQRL_URL_LOGIN`(file `.env`), you can see the function name and controller name in the `routes/web.php`. You can see the exemples below. `SQRL_URL_LOGIN`(file `.env`): ``` SQRL_URL_LOGIN=https://sqrl.test/login # URL to your login page ``` `routes/web.php`: ``` Route::get('/login', 'LaravelSQRLAuthExemples\ExempleController@getAuthPage')->name('login'); ``` Done, now it will be ready for use and testing. ### SQRL Question [](#sqrl-question) This is a feature for questioning users by the SQRL application. First step, create a nonce to question user and send it to your login view, like the code below: ``` $data = SQRLController::getNewQuestionNonce("https://sqrl.test/okbutton", "https://sqrl.test/cancelbutton", "Do you confirm 5$ tranfering?", "I accept", https://sqrl.test/iacceptbutton", "Cancel", https://sqrl.test/cancelbutton"); return view('LaravelSQRLAuthExemples.transfer', $data); ``` More details in [Function to Generate Question Nonce](#function-to-generate-question-nonce). Second step, check if you have the code below in `routes/api.php`, this will be the route to communicate to the SQRL Server and to check if the nonce is authenticated. ``` Route::group(['namespace'=>'\DestruidorPT\LaravelSQRLAuth\App\Http\Controllers'], function() { Route::get('/sqrl', 'SQRL\SQRLControllerAPI@checkIfisReady'); # Route to check if the nonce is verified Route::post('/sqrl', 'SQRL\SQRLControllerAPI@sqrl'); # Route of API SQRL }); ``` More details in [API Function to SQRL](#api-function-to-sqrl) and in [API Function to Check If is Ready the Nonce](#api-function-to-check-if-is-ready-the-nonce). Third step, put the code exemple below anywhere in your page, this will be the link and the QR Code for the user to use with the SQRL Client. ``` {!! QrCode::size(100)->generate($url_question_sqrl); !!} ``` More Details about [QR Code Generator](https://www.simplesoftware.io/simple-qrcode/). Fourth step, copy the script to your html page, this will verify if the next page is ready by the nonce value, it will check every 500 milliseconds (Recommend changing the value). ``` var syncQuery = window.XMLHttpRequest ? new window.XMLHttpRequest() : new ActiveXObject('MSXML2.XMLHTTP.3.0'); var url = '{{$check_state_on}}'; // the location of the SQRL server var newSync, lastSync, encodedSqrlUrl = false, sqrlScheme = true; var gifProbe = new Image(); // create an instance of a memory-based probe image var localhostRoot = 'http://localhost:25519/'; // the SQRL client listener gifProbe.onload = function() { // define our load-success function sqrlScheme = false; // prevent retriggering of the SQRL QR code. document.location.href = localhostRoot + encodedSqrlUrl; }; gifProbe.onerror = function() { // define our load-failure function setTimeout( function(){ gifProbe.src = localhostRoot + Date.now() + '.gif'; }, 250 ); } function pollForNextPage() { if (document.hidden) { // before probing for any page change, we check to setTimeout(pollForNextPage, 500); // see whether the page is visible. If the user is return; // not viewing the page, check again in 5 seconds. } syncQuery.open( 'GET', url); // the page is visible, so let's check for any update syncQuery.onreadystatechange = function() { if ( syncQuery.readyState === 4 ) { if ( syncQuery.status === 200 ) { console.log(syncQuery.response); var response = JSON.parse(syncQuery.response); if(response.isReady == true) { if(response.btn) { var div = document.getElementById("ErroMessage"); div.innerHTML = "Button "+response.btn+": "+response.msg; if(response.nextPage) { var a = document.createElement('a'); var linkText = document.createTextNode("Click here to go to button reference."); a.appendChild(linkText); a.title = "Button href"; a.href = response.nextPage; div.appendChild(a); } div.removeAttribute("hidden"); } } else { if(response.msg === "Time out, reload nonce!" || response.msg === "IP Doesnt Match!" || response.msg === "SQRL is disable for this user!") { console.log(response.msg); var div = document.getElementById("ErroMessage"); div.innerHTML = response.msg+" Reload The Page and try again! If you want to Authenticate by SQRL"; div.removeAttribute("hidden"); } else { setTimeout(pollForNextPage, 500); } } } else { setTimeout(pollForNextPage, 500); } } }; syncQuery.send(); // initiate the query to the 'sync.txt' object. }; function sqrlLinkClick(e) { encodedSqrlUrl = e.getAttribute('encoded-sqrl-url'); // if we have an encoded URL to jump to, initiate our GIF probing before jumping if ( encodedSqrlUrl ) { gifProbe.onerror(); }; // trigger the initial image probe query } pollForNextPage(); ``` Fifth step, is to register the user choice on your personal controller, because when the user selects the option it will be redirected to that URL, in that url you save the user choice. The next url depends on the choice and depends on the url you submited on the function of the first step. Done, noe it will be ready for use and testing. ### IP Address Verification [](#ip-address-verification) This is the functionality that verifies that the IP Address of the first nonce request is the same as the next requests around that nonce, in some cases this check is not done, for exemple the SQRL Client Mobile, as this is another device that does not have the same IP Address it was saved in request to create nonce. No implementation is required but it is good to know that you have this feature already inserted in the project, so when creating nonces always use the functions of the package, you can check the IP Address in `Sqrl_nonce->ip_address`. More details in [Sqrl\_nonce](#sqrl_nonce-destruidorptlaravelsqrlauthappsqrl_nonce). ### SQRL Disabled [](#sqrl-disabled) This feature is for the SQRL Client to disable SQRL authentication or to disable SQRL Client keys. No implementation is required but it is good to know that you have this feature already inserted in the project, to check if a pubkey is disabled you can check `Sqrl_pubkey->disabled`, '0' means not disable and '1' is disable. More details in [Sqrl\_pubkey](#sqrl_pubkey-destruidorptlaravelsqrlauthappsqrl_pubkey). ### SQRL Only Allowed [](#sqrl-only-allowed) #### Optional Functionality [](#optional-functionality) This feature is for the user to block username and password login feature, this feature is enabled by SQRL Client application. In order to know if the user as SQRL only allowed, you can perform this function: ``` SQRLController::checkIfUserCanAuthByNormalLogin($user_id); ``` More details in [Function to Check If User Can Auth By Normal Login](#function-to-check-if-user-can-auth-by-normal-login). For example you can add this code before allowing user authentication, check if it is allowed: ``` if(isset($user)){ //Check if the user exists if(!SQRLController::checkIfUserCanAuthByNormalLogin($user->id)) { //Check if the user can not be authentication by normal login authentication return redirect()->intended('login')->withErrors(['SQRL Only Allowed!!!']);//If returned false then the user only can authenticate by SQRL } } ``` ### SQRL Hardlock [](#sqrl-hardlock) #### Optional Functionality [](#optional-functionality-1) This feature is so that the user can lock the password recovery feature, this feature is enabled by SQRL Client application. In order to know if user as SQRL hardlock, you can perform this function: ``` SQRLController::checkIfUserCanUseRecoverPassword($user_id); ``` More details in [Function to Check If User Can Use Recover Password](#function-to-check-if-user-can-use-recover-password). For example you can add this code before allowing the user to recover his password, check if it is allowed: ``` if(isset($user)){ //Check if the user exists if(!SQRLController::checkIfUserCanUseRecoverPassword($user->id)) { //Check if the user can not recovery the password return redirect()->intended('resetpw')->withErrors(['SQRL not Allowed recovery account!!!']); //This means that the account as hardlocked by SQRL Client that not Allowed recovery password by email or personal questions } } ``` Example Instalation =================== [](#example-instalation) **First you need to have followed the Install topic before continuing with this topic.** Make sure to follow these steps so that you can install this example. To start run the following command. ``` php artisan vendor:publish --provider="DestruidorPT\LaravelSQRLAuth\LaravelSQRLAuthServiceProvider" ``` The next step is to copy the routes below to `routes/api.php`. ``` Route::group(['namespace'=>'\DestruidorPT\LaravelSQRLAuth\App\Http\Controllers'], function() { Route::get('/sqrl', 'SQRL\SQRLControllerAPI@checkIfisReady'); # Route to check if the nonce is verified Route::post('/sqrl', 'SQRL\SQRLControllerAPI@sqrl'); # Route of API SQRL }); ``` Finally to finish the installation, you just have to copy the following routes to `routes/web.php`. ``` Route::get('/', function () { return redirect('login'); }); Route::get('/login', 'LaravelSQRLAuthExemples\ExempleController@getAuthPage')->name('login'); Route::post('/login', 'LaravelSQRLAuthExemples\ExempleController@login'); Route::post('/logout', 'LaravelSQRLAuthExemples\ExempleController@logout')->name('logout'); Route::get('/dashboard', 'LaravelSQRLAuthExemples\ExempleController@getDashboardPage')->name('dashboard'); Route::post('/transfer', 'LaravelSQRLAuthExemples\ExempleController@getTransferConfirmation'); Route::get('/resetpw', 'LaravelSQRLAuthExemples\ExempleController@getResetPWPage')->name('resetpw'); Route::post('/resetpw', 'LaravelSQRLAuthExemples\ExempleController@resetPW'); Route::post('/newlogin', 'LaravelSQRLAuthExemples\ExempleController@newlogin'); Route::post('/newaccount', 'LaravelSQRLAuthExemples\ExempleController@newAcc'); ``` Classes And Data ================ [](#classes-and-data) Here is all the information saved in the database and the classes used. The list of classes: - [Sqrl\_nonce](#sqrl_nonce-destruidorptlaravelsqrlauthappsqrl_nonce) - [Sqrl\_pubkey](#sqrl_pubkey-destruidorptlaravelsqrlauthappsqrl_pubkey) ### Sqrl\_nonce (DestruidorPT\\LaravelSQRLAuth\\App\\Sqrl\_nonce) [](#sqrl_nonce-destruidorptlaravelsqrlauthappsqrl_nonce) The Class Sqrl\_nonce contains all the information needed to create a point to start a communicacion between SQRL Server and SQRL Client. Below you can find all the data: Field NameType ValueObservationidbigint(20)IDnoncevarchar(255)Nonce Can be used to communicate between SQRL Client and SQRL ServertypeenumPossible values is 'auth' and 'question'ip\_addressvarchar(45)IP Address of the request made when this nonce was createdurllongtextURL to redirect when nonce was verified successfulcanlongtextURL to redirect when user cancel authentication or the questionverifiedtinyint(4)Values possible is '0' or '1', '0' not verified and '1' verifiedorig\_noncevarchar(255)Is the same value of field 'nonce' when was createdquestionlongtextAll the informacion to create question on the SQRL Clientbtn\_answertinyint(4)Response of user on the question, values possible is '0' to “OK” button, '1' to the first button and '2' to the secound buttonsqrl\_pubkey\_idbigint(20)Is the Sqrl\_pubkey idcreated\_attimestampDate when was createdupdated\_attimestampLast modified date### Sqrl\_pubkey (DestruidorPT\\LaravelSQRLAuth\\App\\Sqrl\_pubkey) [](#sqrl_pubkey-destruidorptlaravelsqrlauthappsqrl_pubkey) The Class Sqrl\_pubkey contains all the information needed to know what SQRL Client is related to the user, in other words it's where all the information about the SQRL Client keys and the user related exists. Once again you can find the data below: NameType ValueObservationidbigint(20)IDuser\_idbigint(20)Is the User IDpublic\_keyvarchar(255)This is the user's SQRL ID which uniquely identifies them to the site, is called IDK in SQRL Documentationvukvarchar(255)Is the Server Unlock Key in SQRL Documentationsukvarchar(255)Is the Verify Unlock Key in SQRL Documentationdisabledtinyint(4)Values possible is '0' or '1', '0' Enable Sqrl\_pubkey and '1' Disable Sqrl\_pubkeysqrl\_only\_allowedtinyint(4)Values possible is '0' or '1', '0' SQRL Only Autheticacion disable and '1' SQRL Only Autheticacion enablehardlocktinyint(4)Values possible is '0' or '1', '0' hardlock disable and '1' hardlock enablecreated\_attimestampDate when was createdupdated\_attimestampLast modified dateFunctions Availables ==================== [](#functions-availables) List of all available features for the implementation of all available SQRL features. - [SQRLController](#sqrlcontroller-destruidorptlaravelsqrlauthapphttpcontrollerssqrlsqrlcontroller) - [Function to Generate Authenticated Nonce](#function-to-generate-authenticated-nonce) - [Function to Generate Question Nonce](#function-to-generate-question-nonce) - [Function to Check If User Can Auth By Normal Login](#function-to-check-if-user-can-auth-by-normal-login) - [Function to Check If User Can Use Recover Password](#function-to-check-if-user-can-use-recover-password) - [Function to Check If User Can Auth By SQRL](#function-to-check-if-user-can-auth-by-sqrl) - [Function to Check If is Ready the Nonce](#function-to-check-if-is-ready-the-nonce) - [Function to Get User By Original Nonce If Can Be Authenticated](#function-to-get-user-by-original-nonce-if-can-be-authenticated) - [SQRLControllerAPI](#sqrlcontrollerapi-destruidorptlaravelsqrlauthapphttpcontrollerssqrlsqrlcontrollerapi) - [API Function to SQRL](#api-function-to-sqrl) - [API Function to Check If is Ready the Nonce](#api-function-to-check-if-is-ready-the-nonce) ### SQRLController (DestruidorPT\\LaravelSQRLAuth\\App\\Http\\Controllers\\SQRL\\SQRLController) [](#sqrlcontroller-destruidorptlaravelsqrlauthapphttpcontrollerssqrlsqrlcontroller) Only use this controller on your own server. #### Function to Generate Authenticated Nonce [](#function-to-generate-authenticated-nonce) To generate the Authenticated Nonce, you need to call the function below. ``` SQRLController::getNewAuthNonce(); ``` This function will return this array: ``` [ 'nonce',