DokuWiki mOTP Auth

DokuWiki entry: auth:motp

Download and install the archive by unpacking it in your DokuWiki root. Do NOT try to install it using the plugin manager!

Manual download:

• Latest: motp.tar.gz (2.08 KiB, 208 downloads)

After that, edit the file conf/motp.auth.php and add the desired user's PINs, init-secrets and offsets. Don't forget to enable the motp authentication backend in the DokuWiki configuration. Also make sure that the server's time is correct.

This archive adds a new authentication backend called motp. This is basically a clone of the plain backend but with added checks for Mobile-OTP tokens. In the conf/motp.auth.php file you define users who want to use mOTPs for login and their PIN and init-secrets of their token device. They then have to append the 6-digit token to their normal DokuWiki password to login.

So if your password is foobar and your token device shows 1d2e3f as the current token, you have to enter foobar1d2e3f as your password to get logged in. All users who are not listed in the motp.auth.php file can still login normally.

A token is only valid for 10 seconds and can be used only once. The file conf/motp.used.dat stores tokens and their last use to ensure that.

Please report problems on the plugin page of the DokuWiki homepage.

• nothing for now

• added TIME_protocol support: The current time is now queried via an NTP server (see ntp_time.class.php for a list of servers), so make sure to adjust the offsets to 0

$time = NTP_TIME::query();

$time = time();

• fixed the bug introduced with last version where non-OTP users couldn't login anymore

• implemented offsets, so that you can use this on servers where the time is off
• fixed the “Remember me” feature

• first working plugin

• mOTP Token Generator
• Validate mOTP Token