PHP download

Download the PHP package makelarisjr/laravel-2fa without Composer

On this page you can find all versions of the php package makelarisjr/laravel-2fa. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:

If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.

Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
To use Composer is sometimes complicated. Especially for beginners.
Composer needs much resources. Sometimes they are not available on a simple webspace.
If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.

Please rate this library. Is it a good library?

Example code of makelarisjr/laravel-2fa

Informations about the package laravel-2fa

Laravel 2FA Package

This package provides all the necessary tools for a complete implementation of Google's OTP and Yubikey 2FA.

Requirements

PHP: >=7.4
Laravel: >=7.0

Installation

Type the following command in your terminal/command line:

The service provider will automatically get registered. You may also manually add the service provider in your config/app.php file:

Publish the configuration file by typing the following command:

For more info about the configuration, please refer to the Wiki article

Next, you have to add the necessary trait to the authenticatable model. This package can be used by any model, and you are not limited only to the User model.

Now that you have set up the model, create a Route group with all the routes that will require the user to have a valid OTP authorization.

Example:

You can add the otp middleware alias to any group you like. Furthermore, the middleware will automatically prompt the user to enter the OTP code if the session needs to be refreshed. You don't need to implement your own verification logic if you use the middleware.

Last but not least, run the migrations.

This will create the following tables:

otp_devices
otp_backup_codes
otp_remember_tokens

Usage

Adding Devices

Now it's time to add a new device to our model. The trait that we added provides a addDevice method which accepts the following parameters:

For type, you may choose one of the following:

OtpDevice::TYPE_GOOGLE
OtpDevice::TYPE_YUBIKEY

In case of Yubikey, you may provide the full key which is 44 characters, or the device id which is the first 12 characters. The package will "cut" the string accordingly.

For Google OTP you will need to generate a QR code before or enter the secret manually to your device. Here is a simple example:

The QRCode is in the form of a base64 string which can be returned to the user and be scanned by the phone.

Verify OTP

As mentioned before, the otp middleware will handle the verification without having to do something yourself. It is possible however to create your very own implementation, especially if you are planning to use another frontend framework like Vue, React, etc...

To verify the code inserted by the user, use the following method provided by the trait:

The string $otp can either be the code provided by the Google authenticator, or the 44 digits code provided by the Yubikey, or one of the backup codes. The method will return true if the verification is successful or false if it's not.

Backup Codes

It is also possible to generate backup codes that can be used in case you lose your device. This is a recommended safety practise because in the authentication device is lost or destroyed you won't be able to sign in to your account.

To generate the codes, you may use the following method:

The first numeric parameter designates the total number of codes that will be generated. The default is 8. The second parameter, force, designates whether new codes will be generated. Once the backup codes are created, it is not possible to create them again, unless you set force to true which in that case, the old ones will be deleted and a new batch will be created.

Extended Documentation

For the extended documentation please refer to the Wiki

Security Vulnerabilities

If you discover a security vulnerability within Laravel2FA, please send an e-mail to makelarisjr via [email protected]. All security vulnerabilities will be promptly addressed.

License

The Laravel2FA is open-sourced software licensed under the MIT license.

All versions of laravel-2fa with dependencies

PHP Build Version

Package Version

Version 1.6 Release 06. Feb 2024
create-project require 0 people choosed require and
0 people choosed create-project.

Download

Download latest version of laravel-2fa from vendor makelarisjr

Requires php Version ^7.4|^8.0
bacon/bacon-qr-code Version ^2.0
pragmarx/google2fa Version ^8.0
guzzlehttp/guzzle Version ^7.0

Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package makelarisjr/laravel-2fa contains the following files

Loading the files please wait ....