Yii2 authy 2FA

Installs: 77

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 2

Forks: 1

Open Issues: 1


2.0.8 2018-11-30 11:52 UTC

This package is auto-updated.

Last update: 2023-01-13 16:19:07 UTC


Latest Version Software License Total Downloads

Extension for using 2FA from Authy with Yii2 and amnah/yii2-user


The preferred way to install yii2-authy is through Composer. Either add the following to the require section of your composer.json file:

"geoffry304/yii2-authy": "*"

Or run:

$ php composer.phar require geoffry304/yii2-authy "*"

You can manually install yii2-authy by downloading the source in ZIP-format.

Run the migration file php yii migrate --migrationPath=@vendor/geoffry304/yii2-authy/migrations

Update the config file

// app/config/web.php
return [
    'modules' => [
        'authy' => [
            'class' => 'geoffry304\authy\Module',
            'api_key' => 'here your api key from authy',
            'send_mail_from => ''
        'user' => [
            'class' => 'amnah\yii2\user\Module',
            'modelClasses' => [
                'LoginForm' => 'geoffry304\authy\forms\LoginForm'

Using Authy

You need to add this piece of code before you try performLogin

$module2FA = Yii::$app->getModule('authy');
if ($module2FA) {
    Yii::$app->session->set('credentials', ['login' => $model->email, 'pwd' => $model->password, 'remember' => $rememberMe]);
    $returnUrl = $module2FA->validateLogin($model->getUser());
    return $returnUrl;  


Module Has the following options to modify it's behaviour:

  • api_key: The key you get from authy website to make connection with it.
  • api_url: If you want to use an other url standard to
  • default_expirytime: The expire time the user will need to insert a new token standard to 30 days.
  • send_mail: Send mail when new device is added, standard to true.
  • send_mail_from: Send mail from required when send_mail is on.
  • logo: Path tho logo used in confirmation and registration form and also in sending mail.

If you need extra security, you can check on every action and controller if the current session still exist in db.

Update the config file

// app/config/web.php
return [
    'bootstrap' => ['GlobalCheck'],
    'components' => [
        'GlobalCheck'=> [