rezkonline/laravel-2fa

A simple 2FA authentication for laravel applications.

Maintainers

Details

github.com/rezkonline/laravel-2fa

Source

Issues

Installs: 10

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 0

Forks: 0

Open Issues: 0

dev-master 2022-02-09 21:14 UTC

Requires

Requires (Dev)

MIT 89efa62a8887ed228145476396a3928a08042431

  • Mateus Rezkonline <mateus.woop@Rezkonline.dev>

This package is not auto-updated.

Last update: 2024-05-31 06:33:52 UTC

README

laravel-2fa-readme.png

Laravel 2fa

A simple two factor authentication for laravel applications.

Total Downloads Latest Stable Version License 68747470733a2f2f6769746875622e7374796c6563692e696f2f7265706f732f3235323138323931302f736869656c643f7374796c653d666c6174 badge.svg

Installation

Require this package via composer

To get started with Laravel 2FA, use Composer to add the package to your project's dependencies:

composer require rezkonline/laravel-2fa

Or add this line in your composer.json, inside of the require section:

{
    "require": {
        "rezkonline/laravel-2fa": "^1.1",
    }
}

then run composer install.

Update database with php artisan migrate

After installing the package, you must run php artisan migrate to add the two factor authentication fields to your users table.

It will add the following columns to your database table:

|-------- users --------|
|    two_factor_code    |
| two_factor_expires_at |
|-----------------------|

Replace AuthenticatesUsers trait on LoginController

After that, open your app\Http\Controllers\Auth\LoginController file and replace the AuthenticatesUsers trait with the AuthenticateUsersWithTwoFactor, provided by this package.

Basically, it overrides the authenticated method on AuthenticatesUsers:

trait AuthenticateUsersWithTwoFactor
{
    use AuthenticatesUsers;

    /**
     * The user has been successfully authenticated.
     * @param Request $request
     * @param $user
     */
    public function authenticated(Request $request, $user)
    {
        $user->generateTwoFactorCode();
        $user->notify(new TwoFactorCode());
    }
}

Then, just use the HasTwoFactorAuthentication trait in your User model:

<?php

namespace App;

use Illuminate\Notifications\Notifiable;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use Notifiable;
    use HasTwoFactorAuthentication;
    ...
}

Publish package config

To publish the package configuration, you can use the following command:

php artisan vendor:publish --provider="Rezkonline\TwoFactorAuth\TwoFactorAuthServiceProvider" --tag="laravel-2fa-config"

After published, this is how config/laravel-2fa.php will looks like:

<?php

return [
    /*
   |--------------------------------------------------------------------------
   | Tables
   |--------------------------------------------------------------------------
   | Specify the basics authentication tables that you are using.
   | Once you required this package, the following tables are
   | created/modified by default when you run the command
   |
   | php artisan migrate
   |
    */
    "tables" => [
        "users" => "users",
    ],
   
    /*
   |--------------------------------------------------------------------------
   | Two factor code length
   |--------------------------------------------------------------------------
   | Specify the length of your two factor code.
   |
    */
    "code_length" => 8,

     /*
    |--------------------------------------------------------------------------
    | Two factor code expiration time
    |--------------------------------------------------------------------------
    | Specify the duration of your two factor code in minutes.
    |
    */
    "code_expires_in" => 10,

     /*
     |--------------------------------------------------------------------------
     | Redirect to route
     |--------------------------------------------------------------------------
     | Specify the route which users should be redirected to after successfully confirming
     | the two factor auth code.
     |
      */
    "redirect_to_route" => "home"
];

Publish package assets

This package uses a custom view to confirm the two factor code. You need to publish the package assets to that view with the following command:

php artisan vendor:publish --provider="Rezkonline\TwoFactorAuth\TwoFactorAuthServiceProvider" --tag="laravel-2fa-assets"

Usage

To start using this package, you need to configure your email settings in .env file. This is an example config:

MAIL_MAILER=your_mailer
MAIL_HOST=your_mailer_host
MAIL_PORT=2525
MAIL_USERNAME=your_mail_username
MAIL_PASSWORD=your_mail_password
MAIL_ENCRYPTION=null
MAIL_FROM_ADDRESS=your_mail@your_domain.com
MAIL_FROM_NAME="${APP_NAME}"

Now, you need to register the two_factor middleware in your app/Http/Kernel.php file. Add it to the routeMiddleware array:

protected $routeMiddleware = [
    ...
    'two_factor_auth' => TwoFactorAuthMiddleware::class
];

After that, you just need to protect your routes with the two_factor middleware:

Route::middleware('two_factor_auth')->group(function() {
    // Your routes here
});

Events

This package dispatches events for two factor code confirmed and two factor code resent actions.

You can listen to these events in your EventServiceProvider:

protected $listen = [
    \Rezkonline\TwoFactorAuth\Events\TwoFactorCodeConfirmed::class => [
        //Your listeners here
    ],
    \Rezkonline\TwoFactorAuth\Events\TwoFactorCodeResent::class => [
        // Your listeners here
    ]
];

With your routes protected, your users must confirm the two factor authentication code, which will be sent via email after they login with correct credentials.

Contributing

Thank you for considering contributing for the Laravel Invite Codes package! The contribution guide can be found here.

Tests

Run composer test to test this package.

Credits

License

The Laravel 2FA package is open-sourced software licenced under the MIT License. Please see the License File for more information.