PHPackages                             mijagikutasamoto/mijauth - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. mijagikutasamoto/mijauth

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

mijagikutasamoto/mijauth
========================

File-Based Two-Factor Authentication System (2FA) with AES-256-GCM encryption. Supports optional TOTP app codes, WebAuthn, mobile persistence, and multi-device sync.

00PHPCI passing

Since Jan 27Pushed 1mo agoCompare

[ Source](https://github.com/mijsys/mijauth)[ Packagist](https://packagist.org/packages/mijagikutasamoto/mijauth)[ RSS](/packages/mijagikutasamoto-mijauth/feed)WikiDiscussions main Synced today

READMEChangelogDependenciesVersions (2)Used By (0)

MijAuth - File-Based Two-Factor Authentication System (2FA)
===========================================================

[](#mijauth---file-based-two-factor-authentication-system-2fa)

[🇵🇱 Polski](#polski) | [🇬🇧 English](#english)

---

🇬🇧 English
----------

[](#-english)

### Description

[](#description)

MijAuth is a two-factor authentication system that uses encrypted files as a strong authentication factor. You can use it standalone (password + `.mijauth`) or combine it with authenticator app codes (TOTP) for higher security.

### Latest Change History

[](#latest-change-history)

- **0.4.0 (May 2026)**: TOTP app integration, auth-file TTL validation, TOTP rate-limit hooks, updated PHP/Node/Python examples
- **0.3.0 (January 2026)**: WebAuthn support, mobile persistence, PWA and sync improvements
- **0.2.0 (December 2025)**: First stable public release

### How Does It Work?

[](#how-does-it-work)

#### 1. User Registration

[](#1-user-registration)

- User registers in the system
- System generates a unique AES-256 key for the user
- System creates an authorization file `.mijauth` containing encrypted data:
    - User ID
    - Unique token
    - Creation timestamp
    - Hardware hash (optional)
- User downloads the file and stores it securely

#### 2. Login Process

[](#2-login-process)

1. User enters login and password (first factor)
2. System requests the `.mijauth` file (second factor)
3. System decrypts the file using user's key
4. Verifies token, user ID and file TTL (`created_at`)
5. Optional: system verifies TOTP code from authenticator app (third factor)
6. If everything is OK - user is logged in

#### 3. Structure of .mijauth File

[](#3-structure-of-mijauth-file)

The file contains JSON data, encrypted with AES-256-GCM:

```
{
  "user_id": "unique-user-identifier",
  "token": "random-256-bit-token",
  "created_at": "2024-01-01T00:00:00Z",
  "device_hash": "optional-device-fingerprint",
    "device_hash_v2": "optional-device-fingerprint-v2",
  "version": 1
}
```

### Security Features

[](#security-features)

FeatureDescription**AES-256-GCM**Symmetric encryption with authentication**Unique Keys**Each user has their own encryption key**IV/Nonce**Random initialization vector for each file**One-time Token**Ability to invalidate and regenerate**Integrity Verification**GCM ensures data authenticity**Constant-time Comparison**Protection against timing attacks### Installation and Usage

[](#installation-and-usage)

#### PHP (Composer)

[](#php-composer)

```
composer require mijagikutasamoto/mijauth
```

```
