PHPackages                             mijagikutasamoto/mijauth - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication & Authorization](/categories/authentication)
4. /
5. mijagikutasamoto/mijauth

ActiveLibrary[Authentication & Authorization](/categories/authentication)

mijagikutasamoto/mijauth
========================

File-Based Two-Factor Authentication System (2FA) with AES-256-GCM encryption. Supports WebAuthn, mobile persistence, and multi-device sync.

00PHP

Since Jan 27Pushed 3mo agoCompare

[ Source](https://github.com/MijagiKutasamoto/mijauth)[ Packagist](https://packagist.org/packages/mijagikutasamoto/mijauth)[ RSS](/packages/mijagikutasamoto-mijauth/feed)WikiDiscussions main Synced 1mo ago

READMEChangelogDependenciesVersions (2)Used By (0)

MijAuth - File-Based Two-Factor Authentication System (2FA)
===========================================================

[](#mijauth---file-based-two-factor-authentication-system-2fa)

[🇵🇱 Polski](#polski) | [🇬🇧 English](#english)

---

🇬🇧 English
----------

[](#-english)

### Description

[](#description)

MijAuth is a two-factor authentication system that uses encrypted files as the second authentication factor. Instead of SMS codes or TOTP apps, the user stores a special `.mijauth` file that must be uploaded during login.

### How Does It Work?

[](#how-does-it-work)

#### 1. User Registration

[](#1-user-registration)

- User registers in the system
- System generates a unique AES-256 key for the user
- System creates an authorization file `.mijauth` containing encrypted data:
    - User ID
    - Unique token
    - Creation timestamp
    - Hardware hash (optional)
- User downloads the file and stores it securely

#### 2. Login Process

[](#2-login-process)

1. User enters login and password (first factor)
2. System requests the `.mijauth` file (second factor)
3. System decrypts the file using user's key
4. Verifies if the data in the file matches the database
5. If everything is OK - user is logged in

#### 3. Structure of .mijauth File

[](#3-structure-of-mijauth-file)

The file contains JSON data, encrypted with AES-256-GCM:

```
{
  "user_id": "unique-user-identifier",
  "token": "random-256-bit-token",
  "created_at": "2024-01-01T00:00:00Z",
  "device_hash": "optional-device-fingerprint",
    "device_hash_v2": "optional-device-fingerprint-v2",
  "version": 1
}
```

### Security Features

[](#security-features)

FeatureDescription**AES-256-GCM**Symmetric encryption with authentication**Unique Keys**Each user has their own encryption key**IV/Nonce**Random initialization vector for each file**One-time Token**Ability to invalidate and regenerate**Integrity Verification**GCM ensures data authenticity**Constant-time Comparison**Protection against timing attacks### Installation and Usage

[](#installation-and-usage)

#### PHP (Composer)

[](#php-composer)

```
composer require mijagikutasamoto/mijauth
```

```