Laravel 2fa

A simple two factor authentication for laravel applications.

Installation
Usage
Contributing
Credits
License

Installation

Require this package via composer

To get started with Laravel 2FA, use Composer to add the package to your project's dependencies:

composer require rezkonline/laravel-2fa

Or add this line in your composer.json, inside of the require section:

{
    "require": {
        "rezkonline/laravel-2fa": "^1.1",
    }
}

then run composer install.

Update database with php artisan migrate

After installing the package, you must run php artisan migrate to add the two factor authentication fields to your users table.

It will add the following columns to your database table:

|-------- users --------|
|    two_factor_code    |
| two_factor_expires_at |
|-----------------------|

Replace AuthenticatesUsers trait on LoginController

After that, open your app\Http\Controllers\Auth\LoginController file and replace the AuthenticatesUsers trait with the AuthenticateUsersWithTwoFactor, provided by this package.

Basically, it overrides the authenticated method on AuthenticatesUsers:

trait AuthenticateUsersWithTwoFactor
{
    use AuthenticatesUsers;

    /**
     * The user has been successfully authenticated.
     * @param Request $request
     * @param $user
     */
    public function authenticated(Request $request, $user)
    {
        $user->generateTwoFactorCode();
        $user->notify(new TwoFactorCode());
    }
}

Then, just use the HasTwoFactorAuthentication trait in your User model:



namespace App;

use Illuminate\Notifications\Notifiable;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use Notifiable;
    use HasTwoFactorAuthentication;
    ...
}

Publish package config

To publish the package configuration, you can use the following command:

php artisan vendor:publish --provider="Rezkonline\TwoFactorAuth\TwoFactorAuthServiceProvider" --tag="laravel-2fa-config"

After published, this is how config/laravel-2fa.php will looks like:

[ "users" => "users", ], /* |-------------------------------------------------------------------------- | Two factor code length |-------------------------------------------------------------------------- | Specify the length of your two factor code. | */ "code_length" => 8, /* |-------------------------------------------------------------------------- | Two factor code expiration time |-------------------------------------------------------------------------- | Specify the duration of your two factor code in minutes. | */ "code_expires_in" => 10, /* |-------------------------------------------------------------------------- | Redirect to route |-------------------------------------------------------------------------- | Specify the route which users should be redirected to after successfully confirming | the two factor auth code. | */ "redirect_to_route" => "home" ];">



return [
    /*
   |--------------------------------------------------------------------------
   | Tables
   |--------------------------------------------------------------------------
   | Specify the basics authentication tables that you are using.
   | Once you required this package, the following tables are
   | created/modified by default when you run the command
   |
   | php artisan migrate
   |
    */
    "tables" => [
        "users" => "users",
    ],
   
    /*
   |--------------------------------------------------------------------------
   | Two factor code length
   |--------------------------------------------------------------------------
   | Specify the length of your two factor code.
   |
    */
    "code_length" => 8,

     /*
    |--------------------------------------------------------------------------
    | Two factor code expiration time
    |--------------------------------------------------------------------------
    | Specify the duration of your two factor code in minutes.
    |
    */
    "code_expires_in" => 10,

     /*
     |--------------------------------------------------------------------------
     | Redirect to route
     |--------------------------------------------------------------------------
     | Specify the route which users should be redirected to after successfully confirming
     | the two factor auth code.
     |
      */
    "redirect_to_route" => "home"
];

Publish package assets

This package uses a custom view to confirm the two factor code. You need to publish the package assets to that view with the following command:

php artisan vendor:publish --provider="Rezkonline\TwoFactorAuth\TwoFactorAuthServiceProvider" --tag="laravel-2fa-assets"

Usage

To start using this package, you need to configure your email settings in .env file. This is an example config:

MAIL_MAILER=your_mailer
MAIL_HOST=your_mailer_host
MAIL_PORT=2525
MAIL_USERNAME=your_mail_username
MAIL_PASSWORD=your_mail_password
MAIL_ENCRYPTION=null
MAIL_FROM_ADDRESS=your_mail@your_domain.com
MAIL_FROM_NAME="${APP_NAME}"

Now, you need to register the two_factor middleware in your app/Http/Kernel.php file. Add it to the routeMiddleware array:

protected $routeMiddleware = [
    ...
    'two_factor_auth' => TwoFactorAuthMiddleware::class
];

After that, you just need to protect your routes with the two_factor middleware:

Route::middleware('two_factor_auth')->group(function() {
    // Your routes here
});

Events

This package dispatches events for two factor code confirmed and two factor code resent actions.

You can listen to these events in your EventServiceProvider:

protected $listen = [
    \Rezkonline\TwoFactorAuth\Events\TwoFactorCodeConfirmed::class => [
        //Your listeners here
    ],
    \Rezkonline\TwoFactorAuth\Events\TwoFactorCodeResent::class => [
        // Your listeners here
    ]
];

With your routes protected, your users must confirm the two factor authentication code, which will be sent via email after they login with correct credentials.

Contributing

Thank you for considering contributing for the Laravel Invite Codes package! The contribution guide can be found here.

Tests

Run composer test to test this package.

Credits

License

The Laravel 2FA package is open-sourced software licenced under the MIT License. Please see the License File for more information.

This repository includes a sample project to illustrate the usage of the JobRouter® Authentication Factor API.

JR 2FA Example Plugin This repository includes a sample project to illustrate the usage of the JobRouter® Authentication Factor API. It can be used as

4 Sep 10, 2021

PHP class to generate and verify Google Authenticator 2-factor authentication

2.1k Jan 2, 2023

phpCAS is an authentication library that allows PHP applications to easily authenticate users via a Central Authentication Service (CAS) server.

780 Dec 24, 2022

It's a Laravel 8 authentication markdown that will help you to understand and grasp all the underlying functionality for Session and API Authentication

About Auth Starter It's a Laravel 8 authentication markdown that will help you to understand and grasp all the underlying functionality for Session an

10 Aug 3, 2022

A package that allows secure communication between two or more projects, focused mainly for use in microservices architectures, adding the Oauth2 authorization standard in addition to security at the network level by IP addresses and whitelists, which may already be owned.

OAuth2 between Laravel projects A package that allows secure communication between two or more projects, focused mainly for use in microservices archi