PHPackages lizhijun/php-totp - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. lizhijun/php-totp ActiveLibrary[Security](/categories/security) lizhijun/php-totp ================= 基于时间的一次一密(Time-based One-time Password, TOTP)算法php函数库 1.0.1(2y ago)1201MITPHPPHP >=7.3 Since Nov 23Pushed 2y ago1 watchersCompare [ Source](https://github.com/lizhijundev/php-totp)[ Packagist](https://packagist.org/packages/lizhijun/php-totp)[ Docs](https://github.com/lizhijundev/php-totp)[ RSS](/packages/lizhijun-php-totp/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (2)Dependencies (1)Versions (3)Used By (0) PHP TOTP函数库 =========== [](#php-totp函数库) [![Tests](https://github.com/lizhijundev/php-totp/actions/workflows/tests.yml/badge.svg)](https://github.com/lizhijundev/php-totp/actions/workflows/tests.yml) TOTP(Time-based One-Time Password),基于时间同步,主要通过一个时间因素来实现验证,它的生成依靠当前时间点与基准时间(如UNIX时间戳)的算法,从而生成出一个唯一的密码。 安装 -- [](#安装) ``` composer -vvv require lizhijun/php-totp ``` 调用 -- [](#调用) ### 生成 TOTP 密钥 和 二维码字符串 [](#生成-totp-密钥-和-二维码字符串) ``` use Lizhijun\TOTP\TOTPAuth; public function generateTOTP(){ $auth = new TOTPAuth(); $secret = $auth->createSecret(); $qrcodeStr = $auth->getQrcodeStr($secret, 'zhansan', 'org'); // todo: qrcode提供前端生成二维码 } ``` ### 验证 TOTP密钥 [](#验证-totp密钥) ``` use Lizhijun\TOTP\TOTPAuth; public function bindTOTP(){ $secret = ''; // 上一步生成的 TOTP 密钥 $code = ''; // 用户使用二次密码验证器扫码后,验证器生成`一次性数字验证密码` $auth = new TOTPAuth(); $verifyResult = $auth->verifyCode($secret, $code); if ($verifyResult) { // todo: 验证成功 绑定 TOTP 密钥到用户信息 } else { } } ``` - 用户使用 `密码验证器` 扫码后,验证器生成`一次性数字验证密码` - 服务端验证用户 `一次性数字验证密码` 和 `TOTP 密钥` - 生成密钥可持久化到关联用户表 验证器推荐 ===== [](#验证器推荐) 应用市场搜索并安装以下任一验证器: - 谷歌身份验证器 (Google Authenticator) - 微软身份验证器 (Microsoft Authenticator) 参考 -- [](#参考) - [RFC 6238:《 TOTP: Time-Based One-Time Password Algorithm》](https://datatracker.ietf.org/doc/html/rfc6238) - [RFC 6238 翻译](https://rfc2cn.com/rfc6238.html) ### Health Score 20 — LowBetter than 14% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity9 Limited adoption so far Community8 Small or concentrated contributor base Maturity38 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 2 Last Release 898d ago PHP version history (2 changes)1.0.0PHP >=5.4 1.0.1PHP >=7.3 ### Community Maintainers ![](https://www.gravatar.com/avatar/e534b7ed3cb70bebab951ec06a0c25598a0e221e69369365b9d982e82a06df9b?d=identicon)[lizhijun](/maintainers/lizhijun) --- Top Contributors [![lizhijundev](https://avatars.githubusercontent.com/u/9306090?v=4)](https://github.com/lizhijundev "lizhijundev (7 commits)") --- Tags otptotpsecurityrfc6238 ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/lizhijun-php-totp/health.svg) ``` [![Health](https://phpackages.com/badges/lizhijun-php-totp/health.svg)](https://phpackages.com/packages/lizhijun-php-totp) ``` ### Alternatives [rych/otp PHP implementation of the OATH one-time password standards 36265.8k4](/packages/rych-otp)[tzsk/otp A secure, database-free One-Time Password (OTP) generator and verifier for PHP and Laravel. 241641.4k1](/packages/tzsk-otp)[christian-riesen/otp One Time Passwords, hotp and totp according to RFC4226 and RFC6238 885.1M5](/packages/christian-riesen-otp)[firehed/security Security tools for PHP 2374.9k2](/packages/firehed-security)[chillerlan/php-authenticator A generator for counter- and time based 2-factor authentication codes (Google Authenticator). PHP 8.2+ 58119.1k2](/packages/chillerlan-php-authenticator)[remotemerge/totp-php Lightweight, fast, and secure TOTP (2FA) authentication library for PHP — battle tested, dependency free, and ready for enterprise integration. 2010.2k](/packages/remotemerge-totp-php) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)