boxed-code / laravel-challenge
Multi-method two factor authentication for Laravel apps.
Installs: 5 174
Dependents: 0
Suggesters: 0
Security: 0
Stars: 2
Watchers: 2
Forks: 0
Open Issues: 1
Requires
- php: >=7.4
- illuminate/bus: ^6.0|^7.0|^8.0
- illuminate/console: ^6.0|^7.0|^8.0
- illuminate/contracts: ^6.0|^7.0|^8.0
- illuminate/database: ^6.0|^7.0|^8.0
- illuminate/events: ^6.0|^7.0|^8.0
- illuminate/http: ^6.0|^7.0|^8.0
- illuminate/notifications: ^6.0|^7.0|^8.0
- illuminate/routing: ^6.0|^7.0|^8.0
- illuminate/support: ^6.0|^7.0|^8.0
Requires (Dev)
- laravel/ui: ^1.0|^2.0|^3.0
- mockery/mockery: ^1.3.3
- orchestra/testbench: ^4.0|^5.0|^6.0
- phpunit/phpunit: ^8.0|^9.0
- symfony/thanks: ^1.0
Suggests
- bacon/bacon-qr-code: Allows local generation of QR code images
- laravel-notification-channels/twilio: Allows the use of twilio SMS & voice
- pragmarx/google2fa: Allows use of Google Authenticator (OTP)
This package is auto-updated.
Last update: 2024-10-21 00:51:45 UTC
README
Version Compatibility
You'll need PHP >= 7.4 and Laravel 6.x, 7.x or 8.x.
Getting Started
A demo project is available at laravel-challenge-demo, see this commit to view how simple it is to implement.
Installation
composer require boxed-code/laravel-challenge then run the databse migrations using ./artisan migrate
Implementation
Modify your User model class to implement \BoxedCode\Laravel\Auth\Challenge\Contracts\Challengeable and either optionally use the BoxedCode\Laravel\Auth\Challenge\Challengeable trait or implement the the methods defined in the contract yourself.
Next you must add the middleware \BoxedCode\Laravel\Auth\Challenge\Http\Middleware\RequireAuthentication to the routes you would like to protect or simply add it to the global stack
Further Steps
Login an enrol yourself to the default 'email' authentication method at http://localhost/tfa/email/enrol, then logout and in again to be challenged for 2FA via email.
To Document
- Overview
- Configuration options (challengeable.php)
- Authentication methods
- Enabling default methods
- Twilio SMS
- Twilio Voice (WIP)
- Google Authenticator [OTP]
- Password (WIP)
- Custom notification based authentication methods
- Custom authentication methods
- Enabling default methods
- Challenges
- Token Generators
- Lifetimes & Periodic Re-authentication
- Custom Repositories
- Authentication for different purposes & lifetimes
- Skining / Theming views
- Events
License
MIT