diff --git a/README.md b/README.md index fe04587255ff2de728df41933130d2a62adf3935..afb7eb248ef2fe346883efbd6d1071faffc79922 100644 --- a/README.md +++ b/README.md @@ -1,15 +1,15 @@ # TOTP server for technical site This is a simple back-end server meant to run in a secure enviromnent full with access to the database where users' TOTP secrets are stored. -The server used HTTP to respond to GET queries. It azzepts two parameters -- user - here you provide the user identifier as passed form eduTEAMS - this argument is mandatory -- otp - the one-time time-based code entered by the user, this is optional +The server uses HTTP to respond to GET queries. It accepts two parameters +- user - here you provide the user identifier as passed from eduTEAMS - this argument is mandatory +- otp - the one-time, time-based code entered by the user, this is optional ## Functions and return values -The server return a json-encoded integer: +The server returns a json-encoded integer: * -1 - user not found in the database (otp argument not required) * 0 - user exists but there was a missmatch in the code (otp argument required) * 1 - there was a success in verification of the code against the user secret (otp argument required) 
@@ -18,22 +18,22 @@ The server return a json-encoded integer: * 4 - the code has been used for a second time (otp argument required) When a code is verified, its value is written into the database as the "last_code" value to prevent reuse. Also the "verified" value -is set to 1 (this is an ovekill as only needs to be done on the first succesful verification, but simplefies the code). -The server reads the user's secret form the database, calculates the corresponding TOTP value and campares to the value provided. +is set to 1 (this is an overkill as it only needs to be done on the first succesful verification, but simplefies the code). +The server reads the user's secret from the database, calculates the corresponding TOTP value and campares to the value provided. -The server may also be used to test if users exist in the database and whetehr they have ever successfully entered an TOPT code. -This function is used by the login interface to determine if the registration needs to be perfored and the first confiramtion OTP +The server may also be used to test if users exist in the database and whether they have ever successfully entered a TOPT code. +This function is used by the login interface to determine if the registration needs to be performed and the first confiramtion OTP code is required. ## Installation -The server works with the **otp** database which is shared with the thechnical site installation. +The server works with the **otp** database which is shared with the technical site installation. You must define user **otp** or whatever you decide to call it (and set in the otp_config.php). ### Without Docker -All you need is a https server with pho and mysql support. The server will need to make outside connections to the database host. +All you need is an https server with php and mysql support. The server will need to make outside connections to the database host. If you run stuff within secure environment (as you should) you do not need https.
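Review bot: In the first hunk (@@ -1,15 +1,15 @@), the unchanged context still reads "secure enviromnent full with access to the database" and "there was a missmatch in the code", so the spelling pass is incomplete for the opening paragraph and the return value list. Suggest correcting these in the same commit ("secure environment with full access", "mismatch"). Because the rewritten sentence states that the server answers GET queries over HTTP with user and otp as parameters, it would also be worth documenting here that both values travel in the query string and will typically show up in web server access logs.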
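Review bot: In the second hunk (@@ -18,22 +18,22 @@), several of the added lines still carry misspellings: "succesful" and "simplefies" in the "verified" sentence, "campares" in the sentence about reading the user's secret, and "a TOPT code" and "confiramtion" in the paragraph on testing whether users exist. "TOPT" should be "TOTP" to match the README title. Under "Without Docker", the corrected line now asks for "an https server" while the following context line says https is not needed inside a secure environment; a short statement of what counts as a secure environment here would make it clear when plain HTTP is acceptable.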