PHPackages rsthn/rose-otp - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. rsthn/rose-otp ActiveRose-extension[Authentication & Authorization](/categories/authentication) rsthn/rose-otp ============== OTP Adapter for Rose 1.0.6(3y ago)115Apache-2.0PHPPHP ^8.1 Since Jul 20Pushed 2y ago1 watchersCompare [ Source](https://github.com/rsthn/rose-otp)[ Packagist](https://packagist.org/packages/rsthn/rose-otp)[ RSS](/packages/rsthn-rose-otp/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependencies (2)Versions (8)Used By (0) OTP Adapter for Rose ==================== [](#otp-adapter-for-rose) Adds TOTP/HOTP support to [Rose](https://github.com/rsthn/rose-core) to create secret codes and one-time tokens using the awesome [otphp](https://github.com/Spomky-Labs/otphp) library of Spomky-Labs. Installation ============ [](#installation) ``` composer require rsthn/rose-otp ``` Configuration Section: `OTP` ---------------------------- [](#configuration-section-otp) FieldTypeDescriptionDefaulthash`string`Hash function to use.sha1digits`integer`Number of digits to use for the generated one-time passwords.7period`integer`Period to generate new tokens (in seconds).30tolerance`integer`Number of seconds to tolerate as leeway when verifying tokens.0Expression Functions -------------------- [](#expression-functions) ### `otp::create` [](#otpcreate) Creates a new secret key to be later used to generate one-time passwords. The output is a 64-byte random string which is later converted to Base32 resulting in a string with a maximum length of 128 chars that should be stored in a safe place to be used later. The OTP settings are obtained from the OTP configuration section. ``` (set secretKey (otp::create)) ``` ### `otp::get` secretKey:string \[tokenTime:integer\] [](#otpget-secretkeystring-tokentimeinteger) Returns the current time-based token given a secret key. Can be used to show it to the user via safe means such as email, SMS or a custom made app. Although if the user has an authenticator app such as Google Authenticator or Authy, it is recommended to use that with the `otp::uri` function instead. ``` (otp::get (secretKey)) ``` ### `otp::verify` secretKey:string token:string [](#otpverify-secretkeystring-tokenstring) Verifies the specified token to check if it is valid, returns boolean. ``` (when-not (otp::verify (secretKey) "123123") (throw "OTP code is incorrect") ) ``` ### `otp::uri` secretKey:string label:string \[issuer:string\] [](#otpuri-secretkeystring-labelstring-issuerstring) Returns the OTP-AUTH URI to be used in OTP clients (like Authy or Google Authenticator). ``` (otp::uri (secretKey) "Zork") ``` ### Health Score 27 — LowBetter than 49% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity7 Limited adoption so far Community9 Small or concentrated contributor base Maturity61 Established project with proven stability Bus Factor1 Top contributor holds 90.9% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 7 Last Release 1392d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/c882137e3e41afe0d0ef09b65e8c4dab3858accc70a2ca84181c9261a0447cdd?d=identicon)[rsthn](/maintainers/rsthn) --- Top Contributors [![strikeone88](https://avatars.githubusercontent.com/u/50781762?v=4)](https://github.com/strikeone88 "strikeone88 (10 commits)")[![ciachn](https://avatars.githubusercontent.com/u/66389295?v=4)](https://github.com/ciachn "ciachn (1 commits)") ### Embed Badge ![Health badge](/badges/rsthn-rose-otp/health.svg) ``` [![Health](https://phpackages.com/badges/rsthn-rose-otp/health.svg)](https://phpackages.com/packages/rsthn-rose-otp) ``` ### Alternatives [scheb/2fa Two-factor authentication for Symfony applications (please use scheb/2fa-bundle to install) 578630.7k1](/packages/scheb-2fa)[scheb/2fa-google-authenticator Extends scheb/2fa-bundle with two-factor authentication using Google Authenticator 298.2M30](/packages/scheb-2fa-google-authenticator)[scheb/2fa-totp Extends scheb/2fa-bundle with two-factor authentication using TOTP 292.7M22](/packages/scheb-2fa-totp)[born05/craft-twofactorauthentication Craft 4 plugin for two-factor or two-step login using Time Based OTP. 36100.1k1](/packages/born05-craft-twofactorauthentication)[msp/twofactorauth Two Factor Authentication module for Magento2 - Member of MageSpecialist SecuritySuite 4462.1k2](/packages/msp-twofactorauth)[sandstorm/neostwofactorauthentication 1223.6k](/packages/sandstorm-neostwofactorauthentication) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)