Download the PHP package salehhashemi/laravel-otp-manager without Composer
On this page you can find all versions of the php package salehhashemi/laravel-otp-manager. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download salehhashemi/laravel-otp-manager
More information about salehhashemi/laravel-otp-manager
Files in salehhashemi/laravel-otp-manager
Package laravel-otp-manager
Short Description Laravel OTP manager
License MIT
Homepage https://github.com/salehhashemi1992/laravel-otp-manager
Informations about the package laravel-otp-manager
The OtpManager
class is responsible for sending and verifying one-time passwords (OTPs). It provides a comprehensive set of methods to generate, send, verify, and manage OTPs. It also integrates with Laravel cache system to throttle OTP sending and provides a layer of security by tracking OTP requests.
Features
- Main Features
- Generate OTP codes
- Send OTPs via mobile numbers
- Resend OTPs with built-in throttling
- Verify OTP codes
- Track OTP requests
- Security
- Rate limiting of OTP generation attempts (
OtpRateLimiter
middleware) - Otp Invalidation after multiple failed verifications
- Automatic deletion of OTP codes after successful verification
- Rate limiting of OTP generation attempts (
- Configuration
- Customize rate-limiting thresholds, max allowed attempts, and auto-delete
- Flexibility
- Supports multiple OTP types using enums
- Customizable mobile number validation
Requirements
PHP: ^8.1
Laravel framework: ^9
Version | L9 | L10 | L11 |
---|---|---|---|
1.5 | :white_check_mark: | :white_check_mark: | :white_check_mark: |
Installation
To install the package, you can run the following command:
Usage
Sending OTP
Resending OTP
The sendAndRetryCheck
method will throw a ValidationException
if you try to resend the OTP before the waiting time expires.
Verifying OTP
Deleting Verification Code
Handling and Listening to the OtpPrepared
Event
The OtpManager
package emits an OtpPrepared
event whenever a new OTP is generated. You can listen to this event and execute custom logic, such as sending the OTP via SMS or email.
Here's how to set up an event listener:
Step 1: Register the Event and Listener
First, you need to register the OtpPrepared
event and its corresponding listener. Open your EventServiceProvider
file, usually located at app/Providers/EventServiceProvider.php
, and add the event and listener to the $listen array.
Step 2: Create the Listener
If the listener does not exist, you can generate it using the following Artisan command:
Step 3: Implement the Listener
Now open the generated SendOtpNotification
listener file, typically located at app/Listeners/
. You'll see a handle method, where you can add your custom logic for sending the OTP.
Here's a sample implementation:
Step 4: Test the Event Listener
Once you've set up the listener, generate a new OTP through the OtpManager
package to make sure the OtpPrepared
event is being caught and the corresponding listener logic is being executed.
That's it! You've successfully set up an event listener for the OtpPrepared
event in the OtpManager
package.
Using Enums for OTP Types
You can take advantage of enums to define your OTP types. Enums provide a more expressive way to manage different categories of OTPs.
How to Define an OTP Enum
Usage
After defining your enum, you can use it just like any other OTP type:
Configuration
To publish the config file, run the following command:
To publish the language files, run:
After publishing, make sure to clear the config cache to apply your changes:
Then, you can adjust the waiting_time, code_min, and code_max in the config/otp.php
Middleware Protection
The OtpManager package includes built-in middleware (OtpRateLimiter) to protect your application routes from excessive OTP requests. This helps prevent potential abuse.
To apply the middleware:
Register the middleware: Add \Salehhashemi\OtpManager\Middleware\OtpRateLimiter::class
to the middlewareAliases
array in your app\Http\Kernel.php
file.
Assign the middleware to routes: You can apply it to specific routes or route groups where you want to implement rate limiting.
Example:
Custom Mobile Number Validation
The package comes with a default mobile number validator, but you can easily use your own.
Here's how you can do it:
-
Create a Custom Validator Class First, create a class that implements
MobileValidatorInterface
. This interface expects you to define a validate method. - Update Configuration
Next, open your OTP configuration file and update the
mobile_validation_class
option to use your custom validator class:
Exceptions
\InvalidArgumentException
will be thrown if the mobile number is empty.\Exception
will be thrown for general exceptions, like OTP generation failures.\Illuminate\Validation\ValidationException
will be thrown for throttle restrictions.\Symfony\Component\HttpKernel\Exception\TooManyRequestsHttpException
will be thrown for throttled requests.
Docker Setup
This project uses Docker for local development and testing. Make sure you have Docker and Docker Compose installed on your system before proceeding.
Build the Docker images
Start the services
To access the PHP container, you can use:
Testing
Changelog
Please see CHANGELOG for more information what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Credits
- Saleh Hashemi
- All Contributors
License
The MIT License (MIT). Please see License File for more information.
All versions of laravel-otp-manager with dependencies
laravel/framework Version ^9.0|^10.0|^11.0
salehhashemi/laravel-configurable-cache Version ^1.1