diff --git a/Dockerfile b/Dockerfile
new file mode 100644
index 0000000000000000000000000000000000000000..30f474f0ee28d2734e21c90b18ca87e6bddd98bd
--- /dev/null
+++ b/Dockerfile
@@ -0,0 +1,14 @@
+FROM php:8.1-apache
+WORKDIR /var/www/html
+RUN docker-php-ext-install mysqli
+
+COPY --from=docker.io/library/composer:latest /usr/bin/composer /usr/bin/composer
+COPY composer.json .
+RUN apt-get update
+RUN apt-get install -y git
+RUN composer update
+
+COPY otp_server.php otp_server.php
+COPY config/ config
+COPY otp_server_config/ /var/otp_server_config
+EXPOSE 80
diff --git a/web/otp-server.php b/otp_server.php
similarity index 84%
rename from web/otp-server.php
rename to otp_server.php
index be9b75e5de7ebfe2d67fbf8fc9b329054e4319a9..d593b2653bd3fb5ae407ee6ba4f569fb94882f4d 100644
--- a/web/otp-server.php
+++ b/otp_server.php
@@ -13,12 +13,12 @@
  */
 session_start();
 
-require_once('../vendor/autoload.php');
-require_once('../../config/config.php');
+require_once('vendor/autoload.php');
+require_once('config/config.php');
 require_once(DB_CONFIG_LOCATION);
 use OTPHP\TOTP;
 
-$mysqli = new mysqli(DB_HOST, USER, PASSWORD, DB_DATABASE);
+$mysqli = new mysqli(DB_HOST, USER, PASSWORD, OTP_DATABASE);
 if ($mysqli->connect_error) {
     die("Not connected");
 }
@@ -26,6 +26,7 @@ $mysqli->set_charset('utf8');
 $mysqli->query("SET time_zone='+00:00'");
 
 if (empty($_GET['user'])) {
+    print('no username argument');
     exit;
 }
 
@@ -40,7 +41,7 @@ if ($result) {
     } else {
         $r = $result->fetch_row();
         $otpSecret = $r[0];
-        $otpLastCode = $r[1];
+        $otpLastCode = intval($r[1]);
         $verified = $r[2];
         $out = 0; // the user exists in the database - this is a temporary code value
     }
@@ -48,11 +49,11 @@ if ($result) {
     exit; 
 }
 
-$otpCode = filter_var($_GET['otp'], FILTER_SANITIZE_NUMBER_INT);
+$otpCode = isset($_GET['otp']) ? intval(filter_var($_GET['otp'], FILTER_SANITIZE_NUMBER_INT)) : 0;
 
 // check if any code has been passed and if so update the result code accordingle - again this value is temporary
 
-if ($otpCode == '' && $out == 0) {
+if ($otpCode == 0 && $out == 0) {
     if ($verified == 1) {
         $out = 3;
     } else {
@@ -63,7 +64,7 @@ if ($otpCode == '' && $out == 0) {
 
 if ($out == 0) { // the otp code must have been provided and the user exists in the DB, the secret is taken form the DB
     $otpObject = TOTP::create($otpSecret);
-    $otpTestCode = $otpObject->now();
+    $otpTestCode = intval($otpObject->now());
     if ($otpCode === $otpTestCode) {
         if($otpCode === $otpLastCode) {
             $out = 4;
diff --git a/otp_server_config/otp_config-template.php b/otp_server_config/otp_config-template.php
new file mode 100644
index 0000000000000000000000000000000000000000..685d80733fda9be864bd0463a9149b0143050354
--- /dev/null
+++ b/otp_server_config/otp_config-template.php
@@ -0,0 +1,6 @@
+<?php
+define('DB_HOST','edugain-db');
+define('DB_DATABASE','edugain');
+define('USER', 'otp');
+define('PASSWORD', 'xxxx');
+