Skip to content

Commit

Permalink
Update OTP method to require PSR-20 Clock
Browse files Browse the repository at this point in the history
The `create` method is now renamed to `generate` and requires a PSR-20 Clock as the first argument from version 11.4+. Updated documentation to reflect this change and recommend early adoption to avoid future issues.
  • Loading branch information
Spomky committed Aug 4, 2024
1 parent 2d8ccb5 commit 5ccef72
Showing 1 changed file with 11 additions and 3 deletions.
14 changes: 11 additions & 3 deletions doc/index.md
Original file line number Diff line number Diff line change
Expand Up @@ -34,21 +34,25 @@ You have to verify that the server and the device are synchronized.

# How to use

To create an OTP object, just use the static `create` method. Your object will be able to generate passwords:
To create an OTP object, just use the static `generate` method. Your object will be able to generate passwords.
Note that the method will require a PSR-20 Clock in the next major release.
It is higly recommended to pass it as first argument to the `generate` method in version 11.4+ to avoid any issue in the future.

```php
<?php
use OTPHP\TOTP;

$clock = new MyClock(); // Your own implementation of a PSR-20 Clock

// A random secret will be generated from this.
// You should store the secret with the user for verification.
$otp = TOTP::generate();
$otp = TOTP::generate($clock);
echo "The OTP secret is: {$otp->getSecret()}\n";

// Note: use your own way to load the user secret.
// The function "load_user_secret" is simply a placeholder.
$secret = load_user_secret();
$otp = TOTP::createFromSecret($secret);
$otp = TOTP::createFromSecret($secret, $clock);
echo "The current OTP is: {$otp->now()}\n";
```

Expand All @@ -57,6 +61,10 @@ In the example above, we use the `TOTP` class, but you can use the `HOTP` one th
Then, you have to configure your applications.
You can use the provisioning Uri (`$otp->getProvisioningUri();`) as QR Code input to easily configure all of them.

The provision URI can be stored in your database (or any other storage) and used to generate back the OTP object (see [Factory](Factory.md)).

```php

We recommend you to use your own QR Code generator (e.g. [BaconQrCode](https://packagist.org/packages/bacon/bacon-qr-code) or [endroid/qr-code](https://github.com/endroid/qr-code)).

```php
Expand Down

0 comments on commit 5ccef72

Please sign in to comment.