maurohmartinez / two-factor-auth-laravel
A package to handle 2FA authentication
Requires
- php: ^8.0
- bacon/bacon-qr-code: ^2.0.0
- laravel/framework: ^8.0.0|^9.0.0|^10.0.0|^11.0.0
- pragmarx/google2fa-laravel: ^2.0
- pragmarx/google2fa-qrcode: ^3.0
- dev-main
- 2.1.1
- 2.1.0
- v2.0.1
- v2.0.0
- v1.0.51
- v1.0.50
- v1.0.49
- v1.0.48
- v1.0.47
- v1.0.46
- v1.0.45
- v1.0.44
- v1.0.43
- v1.0.42
- v1.0.41
- v1.0.40
- v1.0.39
- v1.0.38
- v1.0.37
- v1.0.36
- v1.0.35
- v1.0.34
- v1.0.33
- v1.0.32
- v1.0.31
- v1.0.30
- v1.0.29
- v1.0.28
- v1.0.27
- v1.0.26
- v1.0.25
- v1.0.24
- v1.0.23
- v1.0.21
- v1.0.20
- v1.0.19
- v1.0.18
- v1.0.17
- v1.0.16
- v1.0.15
- v1.0.14
- v1.0.13
- v1.0.12
- v1.0.11
- v1.0.10
- v1.0.9
- v1.0.8
- v1.0.7
- v1.0.6
- v1.0.5
- v1.0.4
- v1.0.3
This package is auto-updated.
Last update: 2024-10-27 16:01:48 UTC
README
A simple 2FA that uses Google Authenticator.
About The Project
This project uses the following three packages:
You can obviously install those three packages and do it yourself, but this is a quick and easy implementation.
In short, this package requests users to validate their credentials with Google Authenticator right after they logged in.
- If the user never registered 2FA, it displays the setup page to do it.
- If the user already did it, it displays the validation form.
Also, if you have a "remember" input in your login form, we pick up on that and add a cookie after successful validation. So the next time the user visits the site, we don't ask again for 2FA validation. Once the user logs out, we removed the cookie.
Installation
-
Use composer to require this project
composer require maurohmartinez/two-factor-auth-laravel
-
Run migrations
php artisan migrate
-
Publish config, views, and public files and customize them as (and if) you need
php artisan vendor:publish --provider="MHMartinez\TwoFactorAuth\app\Providers\TwoFactorAuthServiceProvider" -
[optional] Adjust middleware group name
This package automatically applies a middleware to route "admin", but you can adjust that by updating the config file:
'middleware_route' => 'admin'
You can also manually add the middleware
MHMartinez\TwoFactorAuth\app\Http\Middleware\TwoFactorAuthMiddlewarewhere you need it. -
[optional] If you only want to ask certain users to validate 2FA, your
Usermodel should implement interfaceMHMartinez\TwoFactorAuth\app\Interfaces\TwoFactorAuthInterface. That will require you to add a new methodshouldValidateWithTwoFactorAuthwhich should return a boolean indicating whether the middleware should skip that given user.Sample of your
UserModel Class:use MHMartinez\TwoFactorAuth\app\Interfaces\TwoFactorAuthInterface; class User extends Authenticate implements TwoFactorAuthInterface
Sample of method
shouldValidateWithTwoFactorAuth():public function shouldValidateWithTwoFactorAuth(): bool { // do your logic here return true; // or false :) }
-
[optional] Disable this package in local environments by adding
TWO_FACTOR_AUTH_ENABLED=falsein your.env -
[optional] Set in days when the one-time-password expires in the config file. FYI, 0 means it never expires
'2fa_expires' => 0,
Contact
Project Link: https://github.com/maurohmartinez/two-factor-auth-laravel