Download the PHP package arhamlabs/authenticator without Composer

Laravel Authentication Package

This package will provide APIs for user authentication that is registration and login APIs with routes.

Installation

In order to install the package use the command specified below -

Required Packages

While installing package you have enable sodium extension in PHP ini file.

Configuration

Get inside the config/app.php file then add socialite services in providers

The defaults configuration settings are set in the config/al_auth_config.php file. Copy this file to your own config directory to modify the values or you can publish the config using this command:

Finally, you should run your database migrations. This package will create following tables into database:

1.temp_registrations 2.auth_settings 3.temp_otp

Also for mobile otp authentication one more migration is used.Which will add columns into the user table.

Command:

Laravel provide default migration for sanctum name as create_personal_access_tokens_table.Simply edit or create new migration for alter personal_access_tokens table.Add following column name as "expires_at".

$table->timestamp('expires_at')->nullable();

Sanctum Token Ability Middleware Setup:

Sanctum also includes two middleware that may be used to verify that an incoming request is authenticated with a token that has been granted a given ability. To get started, add the following middleware to the $routeMiddleware property of your application's app/Http/Kernel.php file:

Sanctum Token authentication exception handling on route:

To handle default exception on api routes such as AuthenticationException/AccessDeniedHttpException add following code into the register function of your application's app/Exception/Handler.php file:

Update default App\Models\User.php:

API Reference

Registration

User registration

• Users can register using email and password.Data will be saved in a temporary table.
• Next If the config flag email_verification=false then details will be saved in the main table i.e users table as well as user_setting table will be updated.
• If the config set to email_verification=true then verification mail will send to users email.

User Register with Mobile and OTP

• Users can register using mobile and otp. OTP will be sent to the user via sms.
• Once otp send temp_otp table will be used for maintaining the verification details.
• If mobile number already register then it will not allow to user register with same mobile number.

Mobile OTP Verification

• This api is used to verify OTP.
• Once OTP gets verified a sanctum token will be generated.
• If mobile number already register then it will not allow to user register with same mobile number.

User Login

User Login using Username and Password

• Users can login with Email/Mobile/Username and password.
• Once user gets authenticated then laravel sanctum token will be generated.

User Login with Email and OTP

• Users can login using email and otp. OTP will be sent to the user via email.
• Once otp send temp_otp table will be used for maintaining the verification details.

Mail OTP Verification

• This api is used to verify OTP.
• Once OTP gets verified a token will be generated. Number of attempts will be added to the function.

User Register/Login with Mobile and OTP with same end point

• Users can login using sms and otp. OTP will be sent to the user via sms.
• Once otp send temp_otp table will be used for maintaining the verification details.
• If mobile number already register then it will allow user to login
• If mobile number is not register then it will allow user to register and then login.

Mobile OTP Verification

• This api is used to verify OTP.
• Once OTP gets verified a token will be generated. Number of attempts will be added to the function.
• In config file if allow_login_or_registration_through_mobile_number flag set to be true then following scenario will be applied.
• If mobile number already register then it will allow user to login
• If mobile number is not register then it will allow user to register and then login.

Forgot Password

• Users can reset password using email. Reset link will be sent to the user via email.User can change his password via reset link.
• For blocked user package will not generate reset link.

Logout

• This api is used to logout user and it will destroy sanctum token of that user.

Set/Change Password

• Users can set/change password using sanctum token. If user login via sso or otp then user can set their password for first time.For next time user have to provide current password to change his password.

Social Media Login/Registration

Google

• Users can login via google account using id token.For google account validation package will validate id token and aud(client id) using Google Client package.

Linkedin- For Mobile

• Users can login via linkedin account using id token.Package will validate id token.
• sso_type must be 'linkedin-mobile'

Linkedin- For Web

• Users can login via linkedin account using authorization code.Package will validate authorization code and will fetch access token from linked in server.
• Package will update user details by fetching details from linkedin server.
• sso_type must be 'linkedin-web'
• idToken must be authorization code.

Apple

• Users can login via apple account using id token.For linkedin account validation package will validate id token.

Package config file

al_auth_config.php

• Developer can change configuration using al_auth_config.php file as follows.