Download the PHP package horlerdipo/simple-otp without Composer

A Simple OTP Package for Laravel

This Laravel package provides a flexible and pluggable One-Time Password (OTP) system, supporting multiple delivery channels like Email and custom drivers.

//: # ()

//: # ()

//: # ()

//: # ()

//: # ()

//: # ()

//: # ()

//: # ()

//: # ()

//: # ()

//: # ()

//: # ()

//: # ()

Introduction

Overview

This Laravel package provides a flexible and pluggable One-Time Password (OTP) system, supporting multiple delivery channels like Email and custom drivers. You can get up and running with a full OTP system with just a couple of lines

Features

• OTP generation and validation
• Facade support for simple usage
• Built-in Email and BlackHole channels
• Easy integration of custom delivery channels
• Coming soon: Twilio, Termii SMS channels, Redis Storage for OTPs
• Coming soon: TOTP (Time-based One-Time Password)

Requirements

• PHP 8.1+
• Laravel 9.x or higher

Installation

You can install the package via composer:

You can publish and run the migrations with:

You can publish the config file with:

This is the contents of the published config file:

If you would like to use the package email template(you shouldn't 😂), you can publish the views using

Quickstart

Basic Setup

After installation, make sure your .env and config/otp.php are configured correctly, the default channel is Email so OTPs will be sent to emails. You can change the default channel on the config file at runtime as well.

Sending an OTP

Verifying an OTP

The method returns a object that has a which is a boolean that is true if the OTP is correct and false if it is not, the object also has property that contains the reason why the OTP is not correct. If for any reason, you would like the otp not to be used immediately, you can pass as the fourth parameter for the endpoint.

Configuration Overview

You can configure OTP generation using method chaining before calling method

• : This is to set the OTP length, default is 6
• : This is to set how long the OTP will last, default is 10 minutes
• : This is to set if the generated OTP should contain letters or not, default is false
• : This is to set the template that will be used to send the OTP, default is vendor.simple-otp.mails.otp
• : This is to set if the OTP should be hashed before it is saved into the database or not, default is false
• : This is to set the channel that will be used to send the OTP, if is set, default is email
• : This returns the name of the channel in use, this method cannot be chained like the ones above

Example

Channel Guide

Email Channel

Overview

Ensure your mail configuration is properly set in the .env. The email template is defined in config/simple-otp.php.

Example Usage

BlackHole Channel

Overview

This channel was created primarily for testing or development. It simulates OTP sending without actually delivering the OTP. It comes with a method that returns the token that was generated, this is useful in a scenario where you would like to send the OTP in some other way the package is not shipped with, and you do not want to create a custom channel for it.

Example Usage

Advanced Usage

Adding Custom Channels

Creating a custom channel class

The custom channel class must implement the and the . You can simply extend the abstract class to get predefined methods to speed up your custom channel development

Registering the channel

The custom service is registered by calling the method in the method of the service provider

Custom Channel Usage

The newly registered channel can now be used by either changing the to or the name added while registering or using it in the channel

Example Channel Implementation

The , and are already implemented in the abstract class, all you need to be concerned about is the method which defines how the OTP will be sent to the user.

Using the Manager Class directly

If you are not a fan of Facades, you can also simply call the underlying class directly like below

You can as well call the Channel classes directly if you even want to go even lower, we currently have the following channels and the classes

Pruning Old OTPs

To avoid the table from getting filled up, you should add the command to your scheduler. This also takes an input of the hours how far back the expired OTP should be, the default is .

Troubleshooting & FAQ

• OTP not being delivered Check mail config or your custom channel integration

Verify your template paths

• OTP always fails validation Check token expiration and matching

Ensure hashing is consistent between send and verify

Testing

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

• Umar Oladipo
• All Contributors

License

The MIT License (MIT). Please see License File for more information.