CakeOTP – One Time Password for CakePHP

A one-time password (OTP) is a password that is only valid for a single login session or transaction. It is commonly used in the internet for registration and password reminder process in which OTPs are provides to the user in a form of a link that the user uses to access in order to create/reset his password.

CakeOTP is a secure and table-less implementation of One Time Password for the popular CakePHP development framework.

Demo

Check out CakeOTP live demo here.

Usage

Import the otp component (with CakePHP Email and Auth core components):

var $components = array('Auth','Email','Otp');

Creating and sending the OTP email:



// create the OTP - TTL = time to live, assume username = email

$otp = $this->Otp->createOTP(

   array('user'=>$username,

         'password'=>$passwordHash,

         'ttl'=> $ttl));

$link = '<a href="http://' .

$_SERVER['SERVER_NAME']. 

Dispatcher::baseUrl().

"/users/otpregister/".

$username."/".$ttl."/".

$otp.'"> Registration link </a>';

// send mail

$this->Email->from    = "admin@somedomain.com";

$this->Email->to      = $username;

$this->Email->subject = "Website Registration";

$this->Email->sendAs = 'html';

Authenticate OTP


 // validate OTP

if($this->Otp->authenticateOTP($otp,

array('user'=>$email,

      'password'=>$passwordHash,

      'ttl'=> $ttl)) ){

// handle Authenticated request

}else{

// handle unauthenticated request
}

Download

Download CakeOTP 1.1

Documentation

See CakeOTP getting started for setup and additional usage details.