carloscgo / nova-google2fa
This package provides Google2FA to Laravel Nova.
v2.0.4
2018-11-16 15:49 UTC
Requires
- php: >=7.1.0
- bacon/bacon-qr-code: ^2.0
- pragmarx/google2fa-laravel: ^0.2.0
- pragmarx/recovery: ^0.1.0
README
This package enforces 2FA for Laravel Nova.
Upgrade from 0.0.7 to 1.0.0
Upgrade guide is available Here.
Flow
Activation
- User gets recovery codes.
- User activates 2FA on his device.
Verification
- User verifies login with 2FA.
Recovery
- If user enters invalid code, recovery button is shown.
- User enters recovery code.
- User is redirected to activation process.
Installation
Install via composer
$ composer require carloscgo/nova-google2fa
Publish config and migrations
$ php artisan vendor:publish --provider="CarlosCGO\Google2fa\ToolServiceProvider"
Run migrations
$ php artisan migrate
Add relation to User model
use CarlosCGO\Google2fa\Models\User2fa; ... /** * @return HasOne */ public function user2fa(): HasOne { return $this->hasOne(User2fa::class); }
Add middleware to nova.config
.
[ ... 'middleware' => [ ... \CarlosCGO\Google2fa\Http\Middleware\Google2fa::class, ... ], ]
Config
return [ /** * Disable or enable middleware. */ 'enabled' => env('GOOGLE_2FA_ENABLED', true), 'models' => [ /** * Change this variable to path to user model. */ 'user' => 'App\User', ], 'tables' => [ /** * Table in which users are stored. */ 'user' => 'users', ], 'recovery_codes' => [ /** * Number of recovery codes that will be generated. */ 'count' => 8, /** * Number of blocks in each recovery code. */ 'blocks' => 3, /** * Number of characters in each block in recovery code. */ 'chars_in_block' => 16, /** * The following algorithms are currently supported: * - PASSWORD_DEFAULT * - PASSWORD_BCRYPT * - PASSWORD_ARGON2I // available from php 7.2 */ 'hashing_algorithm' => PASSWORD_BCRYPT, ], ];
Security
If you discover any security-related issues, please email the author instead of using the issue tracker.
Credits
License
MIT license. Please see the license file for more information.