Download the PHP package brackets/verifications without Composer

On this page you can find all versions of the php package brackets/verifications. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of brackets/verifications

Informations about the package verifications

Verifications

This package should be used for a code-based verification of actions (typically routes).

Currently packages supports two channels for sending verification codes:

but it's easy to extend the package to support custom channels.

Packages ships also with a simple frontend (screen where user can input the code + default email/sms template) that could be easily overridden to meet your UX.

Package can help you also with a special case of a verification - the Two-factor authentication.

Installation

  1. composer require brackets/verifications

  2. php artisan verifications:install

Usage

Implementing Verifiable

First of all, you need to have an authenticated user (i.e. User model) that implements Verifiable interface and use VerifiableTrait. You need to either define attribute/s email and/or phone on the model or implement accessor methods getPhoneAttribute()/getEmailAttribute().

Note: If you need to insert phone_number/email attributes to your user table, you can use artisan commands verifications:add-email {table-name} and/or verifications:add-phone {table-name}.

Configuration

Then you need to define an action that would require verification.

This can be achieved in the configuration file /config/verifications.php.

GET request verification

Typically you use this package to protect the entrance to some specific area of the application. This can be done by protecting all the routes using VerificationMiddleware middleware:

Example:
Let's say we want to verify the secret money-balance screen.

Define the action in your config:

And protect the route:

When User tries to go to the /{account}/money-balance URL, he will be redirected to the verification screen where he is required to provide a code that was sent to him.

POST request verification

Verifying POST actions is a bit more tricky because user cannot be redirected back to the POST request (this is technically impossible).

Of course you can block the access to some POST action until user verifies it. Once he does verify it, everything works for him smoothly.

You should always create a GET route displaying a screen where User can perform the action and protect this GET route too (meaning protecting the entrance into the area, where he can perform the POST action). In that case, User never experience weird behaviour of needing to click to the same action twice.

You have two options here:

  1. either make sure User is always verified on some GET route before he performs the POST action (so limit the entrance to some area, where he can perform the POST actions),
  2. or crete a pseudo-screen with with some handy JavaScript, that will auto-run the POST request on User's behalf on load, so he doesn't have to click twice

Which option to use depends on your exact use case. But typically, if the action requires User to input some data to the form, the showForm GET route should be always protected, etc.

Example:
Let's continue with our MoneyApp example, but now we want to protect the money-withdraw action.

The protection of a POST route is very similar:

This will definitely prevent withdrawing the money for the unverified user. But it doesn't solve the redirect problem. Let's do it.

If we think about it, we actually want to protect the GET route for money withdraw feature, not only the final submit button.

So let's add a GET route:

Method moneyWithdrawForm will display the blade view with the form that will perform the POST to /{account}/money-withdraw on submit. But User is verified ahead, in the GET route, so his UX will be smooth.

Tip: you can of course add middleware to the whole group of routes:

Advanced customization use case

In some scenarios you may want to use the verification on some action and needs further customization (i.e. only verify if some other conditions are met or provide a custom redirectTo method for POST actions verifications). You may use the Verification facade to manually run the verification in your controller providing the closure that will be run only after successful verification:

Note, that even in this scenario, you need to protect the GET route before the POST, otherwise User won't be able to be redirected to the verification prompt screen, he will not be able to proceed.

Customizing the views

To customized the default blade views you just need to publish them using:

Conditional verification

In some cases, you may want to provide an option for your users to choose if they should verify some specific action. Or maybe you want to allow users with some specific role/permission to skip the verification for some specific action. In these cases you just need to define the strictly named method isVerificationRequired(string $action).

Example:

Two factor authentication

Special case for the use of this package is Two-Factor Authentication.

Imagine simple scenario when 2FA is required for all users.

First, add new 2FA action to the config:

And then protect all your routes:

Channels

The packages ships with two default channels - email and sms.

Email

The package uses the default Laravel's Mail. facade to send emails, so be sure to configure it properly.

SMS

The package ships with the one SMS provider - Twilio.

To use Twilio, you just need to provide these variables in your .env file:

Check out this blogpost to find out more info about the Twilio integration.

Security

If you discover any security related issues, please email [email protected] instead of using the issue tracker.

Credits

License

The MIT License (MIT). Please see License File for more information.

All versions of verifications with dependencies

PHP Build Version
Package Version
Requires php Version ^7.3|^8.0
twilio/sdk Version ^6.0
illuminate/http Version ^8.0
illuminate/events Version ^8.0
illuminate/support Version ^8.0
illuminate/database Version ^8.0
illuminate/console Version ^8.0
illuminate/routing Version ^8.0
nesbot/carbon Version ^2.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package brackets/verifications contains the following files

Loading the files please wait ....