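// NOTE(review): this listing was recovered from a page whose markup was stripped.
// Everything before the first call below is missing, including wherever $pdo is
// constructed and $username is assigned. The `$pdo->` receiver of the first call was
// lost with it and is restored from the identical call on the next line.
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->setAttribute(PDO::ATTR_DEFAULT_FETCH_MODE, PDO::FETCH_OBJ);

// $_SERVER['HTTPS'] can be present but set to 'off' on some server setups, so test
// its value rather than its mere presence.
$scheme = (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') ? "https://" : "http://";

// SECURITY: the appId handed to the U2F library is built from the Host request
// header, which the client controls. Outside a demo, take it from a fixed, configured
// origin so the value the server expects never depends on request data.
$u2f = new u2flib_server\U2F($scheme . $_SERVER['HTTP_HOST']);

/**
 * Fetch every U2F registration stored for a user.
 *
 * Uses a prepared statement, so $username is bound as data and never spliced
 * into the SQL text.
 *
 * @param string $username value matched against tfa.username
 * @return array rows of the tfa table, as objects (PDO::FETCH_OBJ is the default set above)
 */
function getRegs($username)
{
    global $pdo;

    $sel = $pdo->prepare("select * from tfa where username = ?");
    $sel->execute([$username]);

    return $sel->fetchAll();
}

/**
 * Store a newly verified U2F registration for a user.
 *
 * @param string $username owner of the registration
 * @param object $reg      registration exposing keyHandle, publicKey, certificate and counter
 */
function addReg($username, $reg)
{
    global $pdo;

    $ins = $pdo->prepare("INSERT INTO `tfa` (`username`, `keyHandle`, `publicKey`, `certificate`, `counter`) values (?, ?, ?, ?, ?)");
    $ins->execute([$username, $reg->keyHandle, $reg->publicKey, $reg->certificate, $reg->counter]);
}

/**
 * Persist the signature counter of a registration after an authentication.
 *
 * @param object $reg registration exposing id and the new counter value
 */
function updateReg($reg)
{
    global $pdo;

    $upd = $pdo->prepare("update tfa set counter = ? where id = ?");
    $upd->execute([$reg->counter, $reg->id]);
}

/*
 * NOTE(review): extraction gap. At this point the original closes the PHP block,
 * emits page markup and reopens PHP for the request handler. The markup, the
 * handler's opening conditions and parts of its statements were stripped. The
 * fragments that survive are quoted below in their original order, with "[...]"
 * marking stripped text. They show a branch that calls getRegisterData, followed by
 * a `case 'authenticate':` branch. Each stores the pending U2F request in the
 * session as JSON, which the verification steps below read back.
 *
 *     ?>
 *     [...] getRegisterData(getRegs($username));
 *           list($req, $sigs) = $data;
 *           $_SESSION['regReq'] = json_encode($req);
 *     ?>
 *     [...] getMessage(); }
 *         break;
 *     case 'authenticate':
 *         try {
 *             $reqs = json_encode($u2f->getAuthenticateData(getRegs($username)));
 *             $_SESSION['authReq'] = $reqs;
 *     ?>
 *     [...] getMessage(); }
 *         break;
 *     } }
 */

// Registration, step 2: verify the token's response against the request that was
// issued earlier and kept in the session.
if (!empty($_POST['u2f_register_data'])) {
    try {
        // Reject a response that arrives without a server-issued request.
        if (empty($_SESSION['regReq'])) {
            throw new Exception("no registration request is pending for this session");
        }
        $reg = $u2f->doRegister(json_decode($_SESSION['regReq']), json_decode($_POST['u2f_register_data']));
        addReg($username, $reg);
        // Report success only when verification and storage both succeeded. The
        // original echoed "Success" from `finally`, so it also followed an error.
        echo "Success";
    } catch (Exception $e) {
        // NOTE(review): this also catches PDOException (ERRMODE_EXCEPTION is set
        // above), so database error text reaches the client. In production, log the
        // detail server-side and return a generic message.
        echo "U2F error: " . $e->getMessage();
    } finally {
        // The stored request is single-use: clear it whether or not verification passed.
        $_SESSION['regReq'] = null;
    }
}

// Authentication, step 2: verify the signed response against the stored request
// and the user's registrations.
if (!empty($_POST['u2f_auth_data'])) {
    try {
        if (empty($_SESSION['authReq'])) {
            throw new Exception("no authentication request is pending for this session");
        }
        $reg = $u2f->doAuthenticate(json_decode($_SESSION['authReq']), getRegs($username), json_decode($_POST['u2f_auth_data']));
        // The signature counter is what lets a server notice a cloned token, so
        // the new value must be written back after every successful authentication.
        updateReg($reg);
        // NOTE(review): nothing visible here records the outcome in the session.
        // A real login flow has to bind the result to the session server-side
        // rather than rely on this output.
        echo "Success";
    } catch (Exception $e) {
        echo "U2F error: " . $e->getMessage();
    } finally {
        $_SESSION['authReq'] = null;
    }
}

// NOTE(review): the original closes one more block here ("}") whose opening was
// lost in the extraction gap above.
?>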


Username:

Action:
Register
Authenticate