I used https://github.com/chregu/GoogleAuthenticator.php to create two-factor authentication for the web application I'm working on. Everything worked: creating a secret, and even the code worked. Now I have set up the same code on another server, generated a new secret key and added it to the Google Authenticator mobile app, and now the code generated on the mobile does not match.
I dug around comparing the results on both servers and noticed that the time() function returns different times (1 hour difference). Then I forced my second server (where the Google code did not work) to have the same time as the first one, and it worked. So I'm really confused: is this some kind of time zone problem? I really need these servers to have my own time zone.
Is there any workaround?
I also followed https://support.google.com/accounts/answer/185834?hl=en and synchronized my Google Authenticator application, which still does not work. The code generated in the mobile application works on my second server an hour later. Can someone help me or suggest a different approach?
Here is the code I use to connect to the above library:
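// Thin wrapper around chregu/GoogleAuthenticator.php
class googleAuthLibrary extends GoogleAuthenticator
{
    // Generate a new shared secret for a user.
    public function getSecretKey()
    {
        $secretKey = $this->generateSecret();
        return $secretKey;
    }

    // Build a Google Charts URL that renders the otpauth:// URI as a QR code.
    public function getQRLink($username, $hostname, $secretKey)
    {
        $url = 'https://chart.googleapis.com/chart?cht=qr&chs=300x300&chl=';
        $qrCode = 'otpauth://totp/'.$username.'@'.$hostname.'?secret='.$secretKey;
        $url = $url.$qrCode;
        return $url;
    }

    // Return the current code for the secret, as computed on this server.
    public function getAuthCode($secretKey)
    {
        $authCode = $this->getCode($secretKey);
        return $authCode;
    }
}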
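An added example, not part of the original post or of GoogleAuthenticator.php: a TOTP code (RFC 6238) is derived from the Unix timestamp in 30-second steps, so PHP's time zone setting does not change it, while a server clock that is an hour off sits 120 steps away from the phone. The function names, the raw RFC 6238 test key and the timestamp below are constructed for illustration.

```php
<?php
// Added example; totpAt() and findStepOffset() are hypothetical helper names.

// RFC 6238 TOTP with HMAC-SHA1: the only time input is floor(unixTime / step).
function totpAt(string $rawKey, int $unixTime, int $step = 30, int $digits = 6): string
{
    $counter = intdiv($unixTime, $step);
    $hmac    = hash_hmac('sha1', pack('J', $counter), $rawKey, true); // 8-byte big-endian counter
    $offset  = ord($hmac[19]) & 0x0F;                                 // dynamic truncation
    $bin     = unpack('N', substr($hmac, $offset, 4))[1] & 0x7FFFFFFF;
    return str_pad((string) ($bin % (10 ** $digits)), $digits, '0', STR_PAD_LEFT);
}

// Diagnostic only: find how many 30-second steps the server is away from the
// clock that produced $code. Login verification should keep the window small.
function findStepOffset(string $rawKey, string $code, int $serverTime, int $window): ?int
{
    for ($i = -$window; $i <= $window; $i++) {
        if (hash_equals(totpAt($rawKey, $serverTime + $i * 30), $code)) {
            return $i;
        }
    }
    return null;
}

$key       = '12345678901234567890'; // RFC 6238 test key as raw bytes (not Base32)
$phoneTime = 1234567890;             // constructed Unix time on a correctly set phone
$phoneCode = totpAt($key, $phoneTime);

// Changing the PHP time zone affects date formatting, not the Unix timestamp,
// so the same instant still yields the same code.
date_default_timezone_set('Europe/Berlin');
var_dump($phoneCode === totpAt($key, $phoneTime));

// Constructed server whose system clock runs one hour ahead of real time.
$skewedServer = $phoneTime + 3600;

// A normal +/-1 step tolerance cannot bridge an hour of drift ...
var_dump(findStepOffset($key, $phoneCode, $skewedServer, 1));
// ... while a wide diagnostic search reports how far the clock is off.
var_dump(findStepOffset($key, $phoneCode, $skewedServer, 130));
```

If the diagnostic search reports a large offset, the fix belongs in the server's system clock (for example NTP synchronization), not in the verification window or the time zone setting.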