putheakhem / laravel-otp
A simple OTP generator for Laravel
Fund package maintenance!
putheakhem
Patreon
Requires
- php: ^8.3.0
Requires (Dev)
- laravel/pint: ^1.18.1
- mockery/mockery: ^1.6
- pestphp/pest: ^3.7
- pestphp/pest-plugin-laravel: ^3.1
- pestphp/pest-plugin-type-coverage: ^3.1
- phpstan/phpstan: ^1.12.7
- rector/rector: ^1.2.8
- symfony/var-dumper: ^7.1.6
This package is auto-updated.
Last update: 2025-06-14 09:26:14 UTC
README
A Laravel package for generating, validating, and managing One-Time Passwords (OTP) with security features.
📌 Features
- ✅ Rate-limited OTP generation
- ✅ Configurable expiration times
- ✅ Invalidate OTP after first use
- ✅ Lock OTP to user session
- ✅ Invalidate OTP after too many failed attempts
- ✅ View detailed error messages
- ✅ Customizable mail template
- ✅ Auditable logs for security
🔧 Installation
1️⃣ Install via Composer
composer require putheakhem/otp
2️⃣ Publish Configuration & Migrations
php artisan vendor:publish --provider="PutheaKhem\Otp\Providers\OtpServiceProvider"
php artisan migrate
This will create:
- A config file at
config/otp.php - A database table
otps
3 Configuration
Modify config/otp.php to adjust settings:
return [ 'length' => 6, // OTP length 'expires_in' => 300, // OTP expiration time in seconds (5 minutes) 'max_attempts' => 5, // Maximum failed attempts before invalidation 'lock_to_session' => true, // OTP tied to user session 'mail_template' => 'otp::emails.otp', // Email template for OTP 'logging_enabled' => true, // Enable OTP logging ];
🔥 Usage
Generate an OTP
use PutheaKhem\Otp\Facades\Otp; $otp = Otp::generate('user@example.com'); dd($otp);
📌 Output Example:
PutheaKhem\Otp\Models\Otp {#123 id: 1, identifier: "user@example.com", otp: "123456", used: false, attempts: 0, expires_at: "2025-02-10 12:00:00" }
Validate an OTP
$response = Otp::validate('user@example.com', '123456'); dd($response);
📌 Expected Output: ✅ Success
{
"status": true,
"message": "OTP verified successfully."
}
❌ Failure (Invalid OTP)
{
"status": false,
"message": "Invalid OTP."
}
❌ Failure (Expired OTP)
{
"status": false,
"message": "OTP expired or invalid."
}
📩 Email Customization
Customize the email template at:
resources/views/vendor/otp/emails/otp.blade.php
Example:
<!DOCTYPE html> <html> <head> <title>OTP Verification</title> </head> <body> <p>Your OTP is: <strong>{{ $otp }}</strong></p> <p>This OTP is valid for {{ config('otp.expires_in') / 60 }} minutes.</p> </body> </html>
🔬 Testing
Run All Tests
php artisan test
📌 Expected Output:
✔ can generate OTP
✔ can validate OTP
✔ OTP invalid after expiry
✔ OTP fails after too many attempts
✔ OTP logs events
✔ Emails are sent correctly
✔ OTP is locked to session
📢 Contributing
- Fork the repository
- Clone the repo:
git clone https://github.com/putheakhem/otp.git
- Create a new branch:
git checkout -b feature-branch
- Commit changes & push:
git commit -m "Added new feature" git push origin feature-branch - Submit a Pull Request 🚀
🏆 Credits
Developed by Puthea Khem.
Special thanks to the Laravel community! 🎉
📜 License
This package is open-source and licensed under the MIT License.