mwguerra / email-security-manager
A robust Laravel package for managing email verification, password security, and audit trails
Requires
- php: ^8.2
- illuminate/support: ^11.0
Requires (Dev)
- orchestra/testbench: ^9.0
- pestphp/pest: ^2.0
- pestphp/pest-plugin-laravel: ^2.0
- phpunit/php-code-coverage: ^10.0
- phpunit/phpunit: ^10.0
README
A comprehensive Laravel package for managing email verification and password security with built-in audit trails. This package helps you enforce security best practices and comply with data protection regulations.
Key Features
- Enhanced Security
  - Force periodic email reverification
  - Require regular password changes
  - Support for multiple authentication models
  - Configurable expiry periods
- Complete Audit Trail
  - Track all verification events
  - Monitor password changes
  - Record security-related actions
  - Polymorphic relationships for flexibility
- Automated Security
  - Middleware for automatic checks
  - Event-driven audit logging
  - Bulk operation support
  - Configurable security policies
- Compliance Ready
  - GDPR compliance support
  - LGPD requirements
  - CCPA alignment
  - Security best practices
Requirements
- PHP 8.2 or higher
- Laravel 11.0 or higher
Installation
composer require mwguerra/email-security-manager
Setup
- Publish the configuration and migrations:
php artisan vendor:publish --provider="MWGuerra\EmailSecurityManager\EmailSecurityManagerServiceProvider"
- Run the migrations:
php artisan migrate
- Add the HasEmailSecurity trait to your authenticatable models:
use MWGuerra\EmailSecurityManager\Traits\HasEmailSecurity;

class User extends Authenticatable
{
    use HasEmailSecurity;
}
Configuration
Basic Configuration
Configure your authenticatable models and security settings in config/email-security.php:
return [
    // Configure authenticatable models
    'authenticatable_models' => [
        'default' => \App\Models\User::class,
        'admin' => \App\Models\Admin::class,
        'customer' => \App\Models\Customer::class,
    ],

    // Set expiry periods
    'verification_expiry_days' => env('EMAIL_VERIFICATION_EXPIRY_DAYS', 30),
    'password_expiry_days' => env('PASSWORD_EXPIRY_DAYS', 90),

    // Configure redirect route
    'redirect_route' => 'verification.notice',

    // Routes to skip verification
    'skip_routes' => [
        'verification.notice',
        'verification.verify',
        'verification.send',
        'password.request',
        'password.reset',
        'password.update',
        'logout'
    ],
];
Middleware Setup
Add the middleware to your app/Http/Kernel.php:
protected $routeMiddleware = [
    'verify.email' => \MWGuerra\EmailSecurityManager\Middleware\EmailSecurityMiddleware::class,
];
Usage
Basic Usage
use MWGuerra\EmailSecurityManager\Services\EmailSecurityService;

class SecurityController extends Controller
{
    public function __construct(
        protected EmailSecurityService $securityService
    ) {}

    public function requireVerification(User $user)
    {
        $this->securityService->requestReverification(
            authenticatable: $user,
            reason: 'Security policy update',
            triggeredBy: auth()->user()
        );
    }
}
Multiple Authentication Models
// Using different authenticatable models
$this->securityService
    ->useAuthenticatable(Admin::class)
    ->requestReverification($admin);

// Or specify in the method call
$this->securityService->requestReverification(
    authenticatable: $customer,
    authenticatableClass: Customer::class
);
Bulk Operations
// Force reverification for multiple users
$users = User::where('department', 'IT')->get();
$this->securityService->requestReverification(
    authenticatables: $users,
    reason: 'Department security update'
);

// Request password change for all active admins
$admins = Admin::where('is_active', true)->get();
$this->securityService
    ->useAuthenticatable(Admin::class)
    ->requestPasswordChange($admins);
Middleware Usage
// In your routes file
Route::middleware(['auth', 'verify.email'])->group(function () {
    // Protected routes requiring valid email verification
});
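The expiry periods and skip_routes from the configuration determine what happens to a request on a protected route. The following is an added example, not the package's own middleware: a framework-free sketch of that decision, in which securityGateDecision(), its parameters and the sample timestamps are assumptions made for illustration.

```php
<?php
declare(strict_types=1);
date_default_timezone_set('UTC');
// Added illustration, not the package's middleware. securityGateDecision()
// and its parameters are hypothetical; the config keys mirror the ones in
// config/email-security.php shown above.
function securityGateDecision(
    array $config,
    string $routeName,
    ?DateTimeImmutable $emailVerifiedAt,
    ?DateTimeImmutable $passwordChangedAt,
    DateTimeImmutable $now
): string {
    // Recovery routes must never be gated, or an expired account
    // would be redirected to a page that redirects again.
    if (in_array($routeName, $config['skip_routes'], true)) {
        return 'allow';
    }
    // Fail closed: a missing timestamp counts as expired.
    $expired = static fn (?DateTimeImmutable $at, int $days): bool =>
        $at === null || $at->modify("+{$days} days") <= $now;
    if ($expired($emailVerifiedAt, (int) $config['verification_expiry_days'])) {
        return 'reverify_email';
    }
    if ($expired($passwordChangedAt, (int) $config['password_expiry_days'])) {
        return 'change_password';
    }
    return 'allow';
}

// Constructed sample data: route, email verified at, password changed at.
$config = [
    'verification_expiry_days' => 30,
    'password_expiry_days'     => 90,
    'skip_routes'              => ['verification.notice', 'verification.verify', 'logout'],
];
$now = new DateTimeImmutable('2025-01-31 12:00:00');
$cases = [
    ['dashboard',           '2025-01-20', '2024-12-01'], // both within policy
    ['dashboard',           '2024-12-15', '2024-12-01'], // verification too old
    ['dashboard',           '2025-01-20', '2024-10-01'], // password too old
    ['verification.notice', '2024-12-15', '2024-10-01'], // expired, but skip route
    ['dashboard',           null,         '2024-12-01'], // never verified
];
foreach ($cases as [$route, $verified, $changed]) {
    $v = $verified === null ? null : new DateTimeImmutable($verified);
    $decision = securityGateDecision($config, $route, $v, new DateTimeImmutable($changed), $now);
    printf("%-20s %-11s %-11s => %s\n", $route, $verified ?? 'null', $changed, $decision);
}
```

The skip-route case shows why the verification, password reset and logout routes belong in skip_routes: without them an expired account has no page it is allowed to reach.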
Audit Trail
// Get verification history
$user->securityAudits()->latest()->get();

// Get recent verifications
$user->securityAudits()
    ->emailVerifications()
    ->recent()
    ->get();

// Get password changes
$user->securityAudits()
    ->passwordChanges()
    ->get();
Advanced Features
// Custom expiry periods
$this->securityService
    ->setVerificationExpiryDays(60)
    ->setPasswordExpiryDays(45)
    ->requestReverification($user);

// Get entities requiring action
$needsAction = $this->securityService->getAuthenticatablesRequiringAction();
Events
The package automatically listens for and logs these Laravel events:
- Illuminate\Auth\Events\Verified
- Illuminate\Auth\Events\PasswordReset
Testing
composer test
Security
If you discover any security issues, please email mwguerra@gmail.com instead of using the issue tracker.
Credits
Special Thanks
Special thanks to the Beer and Code Laravel Community for all the support, feedback, and great discussions that helped shape this package. Their dedication to sharing knowledge and fostering collaboration in the Laravel ecosystem is truly inspiring.
About
I'm a software engineer specializing in Laravel and PHP development. Visit mwguerra.com to learn more about my work.
License
The MIT License (MIT). Please see License File for more information.