Results 1 to 2 of 2

Thread: How to Do 2 Steps Verification with Google Authentication in PHP App

  1. #1

    Thread Starter
    New Member mikecoulson's Avatar
    Join Date
    Mar 2018
    Location
    London
    Posts
    3

    How to Do 2 Steps Verification with Google Authentication in PHP App

    Hi, I want to add google two-step authentication process which already existing code in CakePHP 3. On user login, I want to add 2 steps verification process. As per your document, I have added the key field on my end table.

    My steps -

    1. First time, the user has the blank field. To generate the key from using plugins of Google authentication.

    2. Store it on my DB. and an open code entry fields with the barcode will be open. And parallel sends SMS with the code.

    3. User enter code which is sent via SMS. Proceed, If valid with DB key as defined on the document. Then enter my site.

    4. But wrong entry redirects for two-step verification page again.

    5. Also, success when DB field expired?

  2. #2
    Smooth Moperator techgnome's Avatar
    Join Date
    May 2002
    Posts
    34,522

    Re: How to Do 2 Steps Verification with Google Authentication in PHP App

    Something doesn't seem right with those steps. You don't implement the two-factor authentication... Google does. You make a call to the Google Authentication API, it does the authentication and returns a token back to you. You then use that token in the future to request from Google if it is still good or not. If it is not, then you send the user back through the authentication process. What if they don't have two-factor authentication setup? What if they use the Google Authenticator and not SMS? That should be a black box to you. You shouldn't care. All you should care about is making the call to Google and getting the response back in the form of an authentication token.

    -tg
    * I don't respond to private (PM) requests for help. It's not conducive to the general learning of others.*
    * I also don't respond to friend requests. Save a few bits and don't bother. I'll just end up rejecting anyways.*
    * How to get EFFECTIVE help: The Hitchhiker's Guide to Getting Help at VBF - Removing eels from your hovercraft *
    * How to Use Parameters * Create Disconnected ADO Recordset Clones * Set your VB6 ActiveX Compatibility * Get rid of those pesky VB Line Numbers * I swear I saved my data, where'd it run off to??? *

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width