Download the PHP package paschaldev/laravauth without Composer

On this page you can find all versions of the php package paschaldev/laravauth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package laravauth

Laravauth

Laravel authentication with a twist.

Laravauth is an authentication package for laravel that uses a different technique other than the traditional authentication methods.

REQUIREMENTS: Laravel >= 5.4

Synopsis

This package works by hooking. How? Simply hooks to the login route, intercepts it and continues work from there.

The first step to hooking is from your route, the default route is a post request to login, once there is a request to that route, the plugin comes alive. The following modes of authorization are available:

  1. Email Token
  2. Two Factor Authorization (SMS)
Email Token

This type of authorization does not require passwords. The user simply provides his email address (must have been a registered user), if the email is present in the database, a temporary login link containing a secure token is sent to the user's email address. This login link is only valid for a specific amount of time, the default is 10minutes after which the link becomes invalid and the user will have to make a new login request.

Two Factor Authorization (SMS)

Two Factor Authorization is an extra layer of security that ensures the user has another "thing they have" to couple with the "thing they know". The "thing they know" is usually their password, the "thing they have" for this case is a personal mobile number a token is sent to. Read more

This mode of authorization requires password and a phone number for the user. After the user provides his login credentials, default is email and password, Laravauth serves a page requesting a token, a short lived token valid for a specific amount of time (default is 10minutes) is sent to the user's phone. The user provides the token, if it's valid, the user is authenticated.

Installation

The installation process of this package is a breeze. The first step is to require with composer.

Open app.php in your config directory of your laravel installation and add this line in the providers array.

You will need to publish the configuration and view files.

Laravauth alters the user's table and adds extra columns it uses for authentication. Next step is to migrate the database.

Make sure your database has been setup and working fine before proceeding.

The default configuration assumes the user's model is App\Users, if this is not so in your application, please skip this step, update your laravauth configuration to reflect this change before running the command below.

Now run:

If all is good, migration is successful. That's all there is to do. Installation complete.

Usage

Laravauth does not ship with a login view, you can use your present login view and just make slight changes.

Depending on the mode you choose, there are different ways to make things work. The configuration file has everything you'll need to tweak the package so that it plugs in perfectly to your application.

Laravauth requires little or no alteration of your previous application code, everything works seamlessly from start to finish. You don't need to bend your codes at all, all you need to is make sure to key in the right configuration values in your laravauth config file laravauth.php in the config directory after you must have published.

Email Token

This is the default mode. All that is required in this mode is an input in the login view that contains the user's email. Like below:

Laravauth uses email as the default. If your login view has a name that is not email, say for example:

You'll need to update your Laravauth configuration file to match this, open the config file laravauth.php and change the config login_id to user_email and you're good to go.

Laravauth also assumes the email column on the user's table is named email, if it is anything other than that, change the config login_id_rel to match the name of the email column on the user's table.

P.S: Very important, make sure your app url in laravel's app.php config file is set to the correct value else the package might generate invalid links.

Two Factor Authorization (SMS)

This mode of authorization requires an SMS provider. Several providers are shipped with this package:

  1. Nexmo
  2. Twilio
  3. MessageBird

You can choose your preferred provider by changing the value in the laravauth config file. Look for the option two_factor_sms, its an array that contains specific configuration for the two factor sms mode. Inside the array is a gateway option you can toggle. Possible values are nexmo and twilio.

Each of these providers have their own specific requirements. You are required to register with any provider of your choice.

PS: Using this option, you know you should have a large amount of balance to be able to accommodate the frequent logins.

Nexmo

Nexmo requires the following to be added and set in your .env file:

You can get your Nexmo key and secret from your dashboard after creating account.

Twilio

Twilio requires the following to be added in your .env file:

You can get all the values from your Twilio dashboard. The TWILIO_FROM is a phone number you get when you are done creating account. This is where your SMS will originate from.

MessageBird

MessageBird requires the following to be added and set in your .env file:

You can get your MessageBird key from your dashboard after creating account.


After setting the SMS providers, you are almost there. Now you need to tell Laravauth how to retrieve a user's phone number by adding the following method to your user model: laravauthPhone().

Next thing is the view that validates the token. In this mode, it requires the user logs in with email and password by default. If your login is not like this, maybe you use username and password, no problem, just update your configuration file and set the login_id and login_id_rel to the correct value.

These two options are required to be passed from your login view, a corresponding email or whatever the case may be and password. Also, if your password uses another name other than password, make sure to update the password_id in the configuration and also the password_id_rel if the password column on the user's table in the database uses another name other than 'password'.

Once a user logs in and the credentials are valid, a page asking for the token is served. Laravauth ships with a sample working page. The major thing is the markup seen below:

Laravauth uses a different route for validating authentication, which can be customized in your config file, look for validator_route and adjust to suit your needs. The default is 'validate'. The form's action attribute should point to the validator route, the method should also be POST.

The other thing required is a token input. This should not be confused with Laravel's own _token for protecting against CSRF (Cross-Site Request Forgery). You can change the name of the token variable used by Laravauth by updating the token_var option in the config file, the default is 'token'. Laravauth has an helper method to output this variable name laravauth_token_var_name() so you don't need bother much, just output the function in the name attribute of the input that will be sent to the validator route.

Once the form is submitted, the validator confirms if it's a valid token, if not the page is re-served. If it's valid, the user is authenticated and redirected to the auth page you define.

Configuration

Laravauth comes with a handful of configuration, you can check the laravauth config file for all available options, they are documented so it should be easy to see what they do.

One notable option is soft_disable. If you will like to disable Laravauth temporarily without removing the package, just set this value to true and Laravauth goes to sleep mode, it doesnt intercept your login.

Another very important option is the user_model option. This should point to the model that access your user table. The default is App\User which is Laravel's default.

For more options, check the configuration file.


All versions of laravauth with dependencies

PHP Build Version
Package Version
Requires nexmo/laravel Version ^1.1.1
twilio/sdk Version ^5.28
messagebird/php-rest-api Version 1.10.*
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package paschaldev/laravauth contains the following files

Loading the files please wait ....