Download the PHP package njoguamos/laravel-otp without Composer
On this page you can find all versions of the php package njoguamos/laravel-otp. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download njoguamos/laravel-otp
More information about njoguamos/laravel-otp
Files in njoguamos/laravel-otp
Package laravel-otp
Short Description A composer package for generating and verifying One Time Passwords (OTP) in Laravel 11+.
License MIT
Homepage https://github.com/njoguamos/laravel-otp
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package laravel-otp
A composer package for generating and verifying One Time Passwords (OTP) in Laravel 11+.
A composer package for generating and verifying One Time Passwords (OTP) in Laravel 11+.
Installation
You can install the package via composer:
You can publish and run the migrations with:
You can publish the config file with:
This is the contents of the published config file:
Usage
Generate OTP
To generate an OTP, you can use the generate() method on the Otp class. . This method takes an identifier as a parameter. The identifier can be and email address, phone number, or any other unique identifier that you want to use to identify the user.
The generate() method returns an instance of the \NjoguAmos\Otp\Models\Otp Eloquent Models class. You can access the identifier, token, and expires_at properties of the Otp class.
For example: you can use the token property to send the OTP to the user's email address.
Verify OTP
To verify an OTP, you can use the validate() method on the Otp class. This method takes an identifier and token as parameters.
If the OTP is valid, the method will return true. Otherwise, it will return false.
[!NOTE] It is advisable not to let the user know if the OTP does not match, or does not exist or expired. You can return a generic message to the user instead.
Delete Expired OTPs
To periodically delete expired OTPs, you can use the model:prune Artisan command. This command will delete all expired OTPs from the database.
To do so, add model:prune to your routes/console.php file:
`
[!TIP] Make sure the duration is greater than the validity time of the OTP.
Security
[!TIP] To prevent brute force attacks, rate limit the number of attempts to
generateorverifyan OTP tokens. This can be done by using the LaravelRateLimitmiddleware. User can verify tokens as long as they are valid. This means that the user can have multiple valid tokens. Once the token expires, it cannot be valid even if it still exists in the database. Schedule themodel:prunecommand to run every 5 minutes to delete expired tokens.
Testing
Changelog
Please see RELEASE for more information on what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security Vulnerabilities
Please review our security policy on how to report security vulnerabilities.
Credits
- Njogu Amos
- All Contributors
License
The MIT License (MIT). Please see License File for more information.
All versions of laravel-otp with dependencies
illuminate/contracts Version ^v11.10.0
spatie/laravel-package-tools Version ^1.16