Anjum Trusted Device Extension for Secure Sign-In

Overview

• Generates a unique registration code for each browser installation.
• Sends registration requests to your backend API endpoint.
• Allows administrators to approve or revoke device requests.
• Lets users check approval status directly inside the extension popup.

Extension Popup Preview

This is the popup interface your users see to copy code, send a request, and check approval status.

Installation Steps

1. Open chrome://extensions in your browser.
2. Enable Developer mode.
3. Click Load unpacked and select the extension folder.
4. For production usage, install the extension from your Chrome Web Store listing.

After installation, open the popup and click Send to submit the registration request to the admin team.

API Implementation (PHP)

Recommended endpoint path: /ui/api/extension_register.php

Reference starter file: setup/api-extension-register.php

POST JSON payload
{
  "action": "register",
  "registration_code": "ABCDE-12345",
  "extension_device_id": "hash-id",
  "contact_value": "user@email.com",
  "browser_info": "Mozilla/..."
}

Success response
{
  "ok": true,
  "approved": false,
  "message": "Registration request sent. Ask admin to approve your code."
}

Support two actions on the same endpoint: register (insert/update request) and status (return approval state).

How to Check Registration Code Approval

Latest flow: users do not type the extension code manually. The extension saves approved code to browser localStorage, and your login form submits it via hidden field extension_code.

Quick copy file: setup/code-check-examples.txt

Frontend (Hidden Field + Local Storage)

<input type="hidden" id="extension_code" name="extension_code" value="">

<script>
document.addEventListener('DOMContentLoaded', function () {
  const input = document.getElementById('extension_code');
  const form = document.querySelector('form[action=""]');

  const fillCode = function () {
    input.value = String(localStorage.getItem('anjum_extension_code') || '')
      .trim()
      .toUpperCase();
  };

  fillCode();
  form.addEventListener('submit', fillCode);
});
</script>

PHP (cURL)

<?php
$apiUrl = 'https://anjumtrusted.com/ui/api/extension_register.php';
$extensionCode = strtoupper(trim((string)($_POST['extension_code'] ?? '')));

if ($extensionCode === '') {
  die('Extension code not detected from this browser.');
}

$payload = [
  'action' => 'status',
  'registration_code' => $extensionCode
];

$ch = curl_init($apiUrl);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_HTTPHEADER, ['Content-Type: application/json']);
curl_setopt($ch, CURLOPT_POSTFIELDS, json_encode($payload));

$response = curl_exec($ch);
curl_close($ch);

$data = json_decode($response, true);
$isApproved = !empty($data['approved']);

if ($isApproved) {
  // Allow login
} else {
  // Block login
}
?>

ASP.NET (C#)

using System.Net.Http;
using System.Net.Http.Json;

var extensionCode = (Request.Form["extension_code"].ToString() ?? "").Trim().ToUpperInvariant();
if (string.IsNullOrWhiteSpace(extensionCode)) {
    return Results.BadRequest("Extension code not detected from this browser.");
}

var http = new HttpClient();
var payload = new {
    action = "status",
    registration_code = extensionCode
};

var response = await http.PostAsJsonAsync(
    "https://anjumtrusted.com/ui/api/extension_register.php",
    payload
);

var result = await response.Content.ReadFromJsonAsync<StatusResponse>();
if (result?.approved == true) {
    // Allow login
} else {
    // Block login
}

public class StatusResponse {
    public bool ok { get; set; }
    public bool approved { get; set; }
    public string? message { get; set; }
}

ASP.NET (VB.NET)

Imports System.Net.Http
Imports System.Text
Imports Newtonsoft.Json

Dim extensionCode = Request.Form("extension_code").ToString().Trim().ToUpper()
If String.IsNullOrWhiteSpace(extensionCode) Then
    Throw New Exception("Extension code not detected from this browser.")
End If

Dim apiUrl = "https://anjumtrusted.com/ui/api/extension_register.php"
Dim jsonBody = "{""action"":""status"",""registration_code"":""" & extensionCode & """}"

Using client As New HttpClient()
    Dim content = New StringContent(jsonBody, Encoding.UTF8, "application/json")
    Dim response = Await client.PostAsync(apiUrl, content)
    Dim responseText = Await response.Content.ReadAsStringAsync()
    Dim result = JsonConvert.DeserializeObject(Of StatusResponse)(responseText)

    If result.approved Then
        ' Allow login
    Else
        ' Block login
    End If
End Using

Public Class StatusResponse
    Public Property ok As Boolean
    Public Property approved As Boolean
    Public Property message As String
End Class

React JS

async function checkCodeFromBrowser() {
  const registrationCode = String(localStorage.getItem('anjum_extension_code') || '')
    .trim()
    .toUpperCase();

  if (!registrationCode) {
    return { approved: false, message: 'Extension code not detected.' };
  }

  const response = await fetch('https://anjumtrusted.com/ui/api/extension_register.php', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({
      action: 'status',
      registration_code: registrationCode
    })
  });

  return response.json();
}

Node.js (Express)

import express from 'express';
import fetch from 'node-fetch';

const app = express();
app.use(express.urlencoded({ extended: true }));

app.post('/login', async (req, res) => {
  const extensionCode = String(req.body.extension_code || '').trim().toUpperCase();
  if (!extensionCode) {
    return res.status(400).send('Extension code not detected from this browser.');
  }

  const response = await fetch('https://anjumtrusted.com/ui/api/extension_register.php', {
    method: 'POST',
    headers: { 'Content-Type': 'application/json' },
    body: JSON.stringify({
      action: 'status',
      registration_code: extensionCode
    })
  });

  const data = await response.json();
  if (data.approved) {
    // Allow login
  } else {
    // Block login
  }
});

Database Setup (SQL Server)

Run this SQL script to create required tables: setup/database.sql

Table: extension_devices
- id (PK)
- registration_code (unique)
- extension_device_id
- contact_value
- browser_info
- status (pending/approved/revoked)
- approved_by_userid
- approved_at, revoked_at
- created_at, updated_at

In your admin panel, list pending records and provide Approve / Revoke actions.

Hosting & Deployment

1. Upload the extension-website folder to your public web root (for example, public_html).
2. Deploy your backend endpoint at /ui/api/extension_register.php.
3. Create database objects using setup/database.sql.
4. Set extension API URL to https://anjumtrusted.com/ui/api/extension_register.php.
5. Enable HTTPS and keep CORS headers configured for extension requests.

Production domain is set to anjumtrusted.com. Keep SSL active and restrict API access where possible.

Privacy Policy URL

Use this URL in your Chrome Web Store listing:

https://anjumtrusted.com/privacy-policy-extension.html