lakm/nopass

Provides passwordless authentication for your laravel projects.

Maintainers

Details

github.com/Lakshan-Madushanka/nopass

Source

Issues

Installs: 654

Dependents: 1

Suggesters: 0

Security: 0

Stars: 16

Watchers: 1

Forks: 0

Open Issues: 0

1.0.3 2024-10-19 12:45 UTC

Requires

Requires (Dev)

MIT 5607f3826a8344e509aca11e0bd56f50cfa1df2a

  • Lakshan-Madushanka <epmadushanka.woop@gmail.com>

AuthenticationemailauthlaravelotpPasswordless

This package is auto-updated.

Last update: 2024-10-19 12:46:22 UTC

README

Overview | How it works | Verification link | OTP code | Usage examples | Changelog | Testing | Security | License

Passwords are no longer secure!

Laravel GitHub Actions Workflow Status Packagist Version Downloads GitHub License

Overview

"I'm so fed up with passwords! I have to reset them all the time."

"Oh no, my passwords were leaked. I bet it's my password manager's fault."

"Someone accessed my account—I think they guessed my weak password."

We've all encountered one of these issues at some point. As the internet has evolved, there are now websites for almost everything we need. Modern users often have more than five accounts online.

How many online accounts do you have? The answer is likely more than one—probably more than 10. So, how do you manage to remember the passwords for each of these accounts? Here are a few options you might consider:

  • Memorize them.
  • Use a password manager.
  • Reset your password every time you forget it. 😂

We can easily rule out the first option since most of us aren't blessed with a superhuman memory. While password managers are a popular choice, their security isn't foolproof—data breaches and password leaks happen far too often, making them a less-than-reliable option.

That is the users' side of story. It's our responsibility to provide more convenience authentication methods for our users and improve user experiences. That is what this package made for.

!Note The package doesn't provide any authentication method. Instead, it provides two methods to use in your existing auth system. You can use any authentication like breeze, jetstream or custom one. Sample implementation has been provided in demo project

How it works

The package offers two methods for verification: sending a verification link to the user's email address or sending an OTP (One-Time Password) to the user's mobile number.

Verification link

Generate a link

    use LakM\NoPass\Facades\NoPass;
    
    $data = [];
    
    $link = NoPass::for($user)
        ->email()
        ->routeName('login-link')
        ->generate($data); // Data are attached to query string

OTP Code

Generate a OTP code

    use LakM\NoPass\Facades\NoPass;
    
    $link = NoPass::for($user)
        ->otp()
        ->generate();

Check validity

Check Email

    use LakM\NoPass\Facades\NoPass;
    
    $isValid = NoPass::for($user)
            ->isValid();

Check OTP

    use LakM\NoPass\Facades\NoPass;
    
    $isValid = NoPass::for($user)
            ->isValid($otp);

Invalidate

    use LakM\NoPass\Facades\NoPass;
    
    $isValid = NoPass::for($user)
            ->inValidate();

Usage Examples

Changelog

Please see CHANGELOG for more information what has changed recently.

Testing

./vendor/bin/pest

Security

Please see here for our security policy.

License

The MIT License (MIT). Please see License File for more information.