PHPackages achinthailabs/laravel5-otp - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. achinthailabs/laravel5-otp ActiveLibrary[Authentication & Authorization](/categories/authentication) achinthailabs/laravel5-otp ========================== Laravel OTP generator and validation 05PHP Since Jun 20Pushed 3y ago1 watchersCompare [ Source](https://github.com/achinthailabs/laravel5-otp)[ Packagist](https://packagist.org/packages/achinthailabs/laravel5-otp)[ RSS](/packages/achinthailabs-laravel5-otp/feed)WikiDiscussions main Synced 3d ago READMEChangelogDependenciesVersions (2)Used By (0) laravel5-otp ============ [](#laravel5-otp) [![Latest Version on Packagist](https://camo.githubusercontent.com/fee9db23abf233945ec2e99f1440d1bd5f4af75a22ab28609602d4344c2d0662/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f616368696e746861696c6162732f6c61726176656c352d6f74702e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/achinthailabs/laravel5-otp)[![Software License](https://camo.githubusercontent.com/55c0218c8f8009f06ad4ddae837ddd05301481fcf0dff8e0ed9dadda8780713e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](LICENSE.md)[![Build Status](https://camo.githubusercontent.com/b40a6b87844813161809bcd56ba96a843885e67bb064ac92fc45bd89b8cdb96c/68747470733a2f2f696d672e736869656c64732e696f2f7472617669732f616368696e746861696c6162732f6c61726176656c352d6f74702f6d61737465722e7376673f7374796c653d666c61742d737175617265)](https://travis-ci.org/achinthailabs/laravel5-otp)[![Coverage Status](https://camo.githubusercontent.com/306ac504a158e31b19397bedc19e95367465544f13f22c1ee3018b376abcd93f/68747470733a2f2f696d672e736869656c64732e696f2f7363727574696e697a65722f636f7665726167652f672f616368696e746861696c6162732f6c61726176656c352d6f74702e7376673f7374796c653d666c61742d737175617265)](https://scrutinizer-ci.com/g/achinthailabs/laravel5-otp/code-structure)[![Quality Score](https://camo.githubusercontent.com/25d73c56990cb93a9b4fb4cc6a9bfe4c06698364fa2fb53fffdd540804fe9a8a/68747470733a2f2f696d672e736869656c64732e696f2f7363727574696e697a65722f672f616368696e746861696c6162732f6c61726176656c352d6f74702e7376673f7374796c653d666c61742d737175617265)](https://scrutinizer-ci.com/g/achinthailabs/laravel5-otp)[![Total Downloads](https://camo.githubusercontent.com/846375f6061c9861ccefde5ab46b7b8939c04ce0134b0c8a8905d1e1d206e306/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f616368696e746861696c6162732f6c61726176656c352d6f74702e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/achinthailabs/laravel5-otp) The code was taken directly from and tweaked to our need. Please use original repo for your work. A package for Laravel One Time Password (OTP) generator and validation without Eloquent Model, since it done by *Cache*. The cache connection same as your laravel cache config and it supported: "apc", "array", "database", "file", "memcached", "redis" Install ------- [](#install) Via Composer ``` $ composer require achinthailabs/laravel5-otp ``` Add Service Provider & Facade --------------------------------- [](#add-service-provider--facade) **For Laravel 5.5+** Once the package is added, the service provider and facade will be auto discovered. **For Laravel 5.2 / 5.3 / 5.4** Add the ServiceProvider to the providers array in `config/app.php`: ``` Achinthailabs\Otp\OtpServiceProvider::class ``` Add the Facade to the aliases array in `config/app.php`: ``` 'Otp' => Achinthailabs\Otp\OtpFacade::clas ``` Configuration ------------- [](#configuration) Publish config and language file ``` php artisan vendor:publish --provider="Achinthailabs\Otp\OtpServiceProvider" ``` This package publishes an `otp.php` file inside your applications's config folder which contains the settings for this package. Most of the variables are bound to environment variables, you may add Key-Value pair to the `.env` file in the Laravel application. ``` OTP_FORMAT=numeric OTP_LENGTH=6 OTP_SENSITIVE=false OTP_EXPIRES_TIME=15 OTP_ATTEMPT_TIMES=5 OTP_REPEATED=true OTP_DEMO=false ``` Usage ----- [](#usage) ### Generate OTP [](#generate-otp) ``` Otp::generate(string $identifier) ``` - `$identifier`: The identity that will be tied to the OTP. #### Sample [](#sample) ``` use OTP; // in controller $password = Otp::generate('reg:name@domain.com'); ``` This will generate a OTP that will be valid for 15 minutes. ### Validate OTP [](#validate-otp) ``` Otp::validate(string $identifier, string $password) ``` - `$identifier`: The identity that is tied to the OTP. - `$password`: The password tied to the identity. #### Sample [](#sample-1) ``` use OTP; // in controller $result = Otp::validate('reg:name@domain.com', '123456'); ``` #### Responses [](#responses) **On Success** ``` { "status": true } ``` **Invalid OTP** ``` { "status": false, "error": "invalid" } ``` **Expired** ``` { "status": false, "error": "expired" } ``` **Max attempt** ``` { "status": false, "error": "max_attempt" } ``` - Reached the maximum allowed attempts, default 10 times with each identifier ### Validate OTP by Laravel Validation [](#validate-otp-by-laravel-validation) ``` // in a `FormRequest` use Achinthailabs\Otp\Rules\OtpValidate; public function rules() { return [ 'code' => ['required', new OtpValidate('change-email:name@domain.com')] ]; } // in a controller $request->validate([ 'code' => ['required', new OtpValidate('change-email:name@domain.com')] ]); ``` ### Validate OTP by session id [](#validate-otp-by-session-id) ``` // Otp class $result = Otp::validate('123456'); // in a `FormRequest` use Achinthailabs\Otp\Rules\OtpValidate; public function rules() { return [ 'code' => ['required', new OtpValidate()] ]; } // in a controller $request->validate([ 'code' => ['required', new OtpValidate()] ]); ``` - The setting without identifier will automatically use the session ID as the default, and the OTP generation and verification will be completed in same session (browser's cookies). Advanced Usage -------------- [](#advanced-usage) ### Generate OTP with options [](#generate-otp-with-options) ``` $password = Otp::setLength(8)->setFormat('string')->setExpires(60)->setRepeated(false)->generate('identifier-key-here'); // or array option $password = Otp::generate('identifier-key-here', [ 'length' => 8, 'format' => 'string', 'expires' => 60, 'repeated' => false ]); ``` - `setLength($length)`: The length of the password. Default: 6 - `setFormat($format)`: The format option allows you to decide which generator implementation to be used when generating new passwords. Options: 'string','numeric','numeric-no-zero','customize'. Default: "numeric" - `setExpires($minutes)`: The expiry time of the password in minutes. Default: 15 - `setRepeated($boolean)`: The repeated of the password. The previous password is valid when new password generated until either one password used or itself expired. Default: true ### Generate OTP with customize password [](#generate-otp-with-customize-password) ``` $password = Otp::setCustomize('12345678ABC@#$')->generate('identifier-key-here'); ``` - `setCustomize($string)`: Random letter from the customize string ### Validate OTP with specific attempt times [](#validate-otp-with-specific-attempt-times) ``` $password = Otp::setAttempts(3)->validate('identifier-key-here', 'password-here'); ``` - `setAttempts($times)`: The number of incorrect password attempts. Default: 5 ### Validate OTP with case sensitive [](#validate-otp-with-case-sensitive) ``` $password = Otp::setSensitive(true)->generate('identifier-key-here'); // validate $result = Otp::setSensitive(true)->validate('identifier-key-here', 'password-here'); // in controller use Achinthailabs\Otp\Rules\OtpValidate; $request->validate([ 'code' => ['required', new OtpValidate('identifier-key-here', ['sensitive' => true])] ]); ``` - `setSensitive($boolean)`: Requiring correct input of uppercase and lowercase letters. Default: true ### Generate OTP with seperate password [](#generate-otp-with-seperate-password) ``` $password = Otp::setLength([4,3,4])->setSeparator(':')->generate('identifier-key-here'); ``` **Sample password** ``` 3526:126:3697 ``` - `setLength($array)`: The length of the password, use array to separate each length. - `setSeparator($string)`: The separator of the password. Default: "-" ### Validate OTP with extra data [](#validate-otp-with-extra-data) ``` $password = Otp::setData(['user_id' => auth()->id()])->generate('login-confirmation'); ``` - `setData($var)`: Allows you to get the extra data of OTP. ``` // validate $result = Otp::setDisposable(false)->validate('login-confirmation', 'password-here'); // in controller use Achinthailabs\Otp\Rules\OtpValidate; $request->validate([ 'code' => ['required', new OtpValidate('login-confirmation', ['disposable' => false])] ]); ``` - `setDisposable($boolean)`: The disposable of the Otp identifier, the different password is not valid when same identifier password used. Default: true **On Success Response** ``` { "status": true, "data": [ "user_id": 10 ] } ``` - When you set disposable to `false`, you are able support different password with different extra data for different user in the same identifier key of the OTP. ### Validate OTP with skip using [](#validate-otp-with-skip-using) ``` // validate $result = Otp::setSkip(true)->validate('identifier-key-here', 'password-here'); // in controller use Achinthailabs\Otp\Rules\OtpValidate; $request->validate([ 'code' => ['required', new OtpValidate('identifier-key-here', ['skip' => true])] ]); ``` - `setSkip($boolean)`: Skip using the password when validate, which means you can reuse the password again. Default: false - When there is an error response to the form request, it will skip using the password, but remember to `OTP::validate(...)` in controller. ### Delete OTP [](#delete-otp) ``` Otp::forget('identifier-key-here'); ``` - Delete all password with this specific identifier ### Delete specific password [](#delete-specific-password) ``` Otp::forget('identifier-key-here', 'password-here'); ``` ### Reset attempt times [](#reset-attempt-times) ``` Otp::resetAttempt('identifier-key-here'); ``` ### Demo password [](#demo-password) Add the following Key-Value pair to the `.env` file in the Laravel application. ``` OTP_DEMO=true ``` - Demo mode for development purposes, no need to use real password to validate. - Default demo password: "1234", "123456", "12345678" - Change log ---------- [](#change-log) Please see [CHANGELOG](CHANGELOG.md) for more information on what has changed recently. Contributing ------------ [](#contributing) Please see [CONTRIBUTING](CONTRIBUTING.md) and [CODE\_OF\_CONDUCT](CODE_OF_CONDUCT.md) for details. Security -------- [](#security) If you discover any security related issues, please email instead of using the issue tracker. Credits ------- [](#credits) - [Achintha Rodrigo](https://github.com/achinthailabs) - [All Contributors](../../contributors) License ------- [](#license) The MIT License (MIT). Please see [License File](LICENSE.md) for more information. ### Health Score 15 — LowBetter than 3% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity4 Limited adoption so far Community7 Small or concentrated contributor base Maturity27 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Community Maintainers ![](https://www.gravatar.com/avatar/9440ca6238cb2c6e6f9f72ed1c0e1868ccdea298509984123dd68eac8206c893?d=identicon)[achinthailabs](/maintainers/achinthailabs) --- Top Contributors [![achinthailabs](https://avatars.githubusercontent.com/u/107479742?v=4)](https://github.com/achinthailabs "achinthailabs (2 commits)") ### Embed Badge ![Health badge](/badges/achinthailabs-laravel5-otp/health.svg) ``` [![Health](https://phpackages.com/badges/achinthailabs-laravel5-otp/health.svg)](https://phpackages.com/packages/achinthailabs-laravel5-otp) ``` ### Alternatives [namshi/jose JSON Object Signing and Encryption library for PHP. 1.8k99.6M101](/packages/namshi-jose)[league/oauth1-client OAuth 1.0 Client Library 99698.8M106](/packages/league-oauth1-client)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[league/oauth2-google Google OAuth 2.0 Client Provider for The PHP League OAuth2-Client 41721.2M118](/packages/league-oauth2-google)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)