brians84/two-factor-auth-laravel

A package to handle 2FA authentication

Maintainers

Details

github.com/brians84/two-factor-auth-laravel

Source

Installs: 16

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 0

Forks: 1

dev-main 2023-06-22 12:55 UTC

Requires

MIT cca164e905379dad8c135d69cc1cb7e413e243ef

  • maurohmartinez <maurohmartinez.woop@gmail.com>
  • brians84 <brian.woop@clicksmash.com>

laravelTwo Factor Authenticationbackpackgoogle authentication for laravel

This package is auto-updated.

Last update: 2024-04-22 14:48:35 UTC

README

A simple 2FA that uses Google Authenticator.

About The Project

This project uses the following three packages:

You can obviously install those three packages and do it yourself, but this is a quick and easy implementation.

In short, this package requests users to validate their credentials with Google Authenticator right after they logged in.

  • If the user never registered 2FA, it displays the setup page to do it.

screenshot-1

  • If the user already did it, it displays the validation form.

screenshot-2

Also, if you have a "remember" input in your login form, we pick up on that and add a cookie after successful validation. So the next time the user visits the site, we don't ask again for 2FA validation. Once the user logs out, we removed the cookie.

Installation

  1. Use composer to require this project

       composer require maurohmartinez/two-factor-auth-laravel

  2. Run migrations

       php artisan migrate

  3. Publish config, views, and public files and customize them as (and if) you need

       php artisan vendor:publish --provider="MHMartinez\TwoFactorAuth\app\Providers\TwoFactorAuthServiceProvider"

  4. [optional] Adjust middleware group name

    This package automatically applies a middleware to route "admin", but you can adjust that by updating the config file:

    'middleware_route' => 'admin'

    You can also manually add the middleware MHMartinez\TwoFactorAuth\app\Http\Middleware\TwoFactorAuthMiddleware where you need it.

  5. [optional] If you only want to ask certain users to validate 2FA, your User model should implement interface MHMartinez\TwoFactorAuth\app\Interfaces\TwoFactorAuthInterface. That will require you to add a new method shouldValidateWithTwoFactorAuth which should return a boolean indicating whether the middleware should skip that given user.

    Sample of your User Model Class:

    use MHMartinez\TwoFactorAuth\app\Interfaces\TwoFactorAuthInterface;

class User extends Authenticate implements TwoFactorAuthInterface

    Sample of method shouldValidateWithTwoFactorAuth():

    public function shouldValidateWithTwoFactorAuth(): bool
 {
     // do your logic here
     
     return true; // or false :)
 }

  6. [optional] Disable this package in local environments by adding TWO_FACTOR_AUTH_ENABLED=false in your .env

  7. [optional] Set in days when the one-time-password expires in the config file. FYI, 0 means it never expires '2fa_expires' => 0,

Contact

Project Link: https://github.com/maurohmartinez/two-factor-auth-laravel