PHPackages erdemkeren/laravel-otp - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. erdemkeren/laravel-otp ActiveLibrary erdemkeren/laravel-otp ====================== Secure your laravel routes with otps. (one time passwords) v4.0.0(4y ago)1608.5k↓100%27[7 issues](https://github.com/erdemkeren/laravel-otp/issues)MITPHPPHP ^8.0 Since Nov 8Pushed 3y ago4 watchersCompare [ Source](https://github.com/erdemkeren/laravel-otp)[ Packagist](https://packagist.org/packages/erdemkeren/laravel-otp)[ Docs](https://github.com/erdemkeren/laravel-otp)[ RSS](/packages/erdemkeren-laravel-otp/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (1)Dependencies (9)Versions (11)Used By (0) Maintainer Wanted! I don't have time to maintain this package and therefore looking for maintainers. I am open to abandon this project and suggest replacement packages. Laravel OTP =========== [](#laravel-otp) [![Latest Version on Packagist](https://camo.githubusercontent.com/3f3faedf531e29a47a1c1ae9bcc560d805c9e07e5b6e94dc5723690eb73db142/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f657264656d6b6572656e2f6c61726176656c2d6f74702e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/erdemkeren/laravel-otp)[![Software License](https://camo.githubusercontent.com/55c0218c8f8009f06ad4ddae837ddd05301481fcf0dff8e0ed9dadda8780713e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](LICENSE.md)[![Build Status](https://camo.githubusercontent.com/8303efc0bf890f6bf0f4c1684b94f8bf6c6677e24f4753a39424f53215c19e8e/68747470733a2f2f696d672e736869656c64732e696f2f7472617669732f657264656d6b6572656e2f6c61726176656c2d6f74702f6d61737465722e7376673f7374796c653d666c61742d737175617265)](https://travis-ci.org/erdemkeren/laravel-otp)[![StyleCI](https://camo.githubusercontent.com/b11c11b40faf396b477ce837340f3863a63420094364aa82a2aef51636624bdd/68747470733a2f2f7374796c6563692e696f2f7265706f732f3135363639383736392f736869656c643f6272616e63683d6d6173746572)](https://styleci.io/repos/156698769)[![Quality Score](https://camo.githubusercontent.com/9c25a02901a3b15d3f10ebaa4e94a6f89405329ffcb0c719fdf903e1f84e35a7/68747470733a2f2f696d672e736869656c64732e696f2f7363727574696e697a65722f672f657264656d6b6572656e2f6c61726176656c2d6f74702e7376673f7374796c653d666c61742d737175617265)](https://scrutinizer-ci.com/g/erdemkeren/laravel-otp)[![Code Coverage](https://camo.githubusercontent.com/d7484619b68070b612e0dd242991d08b002d8157390e160087db91299785dc96/68747470733a2f2f696d672e736869656c64732e696f2f7363727574696e697a65722f636f7665726167652f672f657264656d6b6572656e2f6c61726176656c2d6f74702f6d61737465722e7376673f7374796c653d666c61742d737175617265)](https://scrutinizer-ci.com/g/erdemkeren/laravel-otp/?branch=master)[![Total Downloads](https://camo.githubusercontent.com/43a2c080be2a588f83a3ad57c44632234aa4f2a0a7408f3393079fda1e4829c5/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f657264656d6b6572656e2f6c61726176656c2d6f74702e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/erdemkeren/laravel-otp) This package allows you to secure your resources with one time password access (otp). Example Usage: ``` Route::get('secret', function (\Illuminate\Http\Request $request): string { $token = $request->otpToken(); $messages[] = "The otp token {$token} has {$token->timeLeft()} out of {$token->expiryTime()} seconds."; $token->refresh(); $messages[] = "The time left can be reset using the refresh method: {$token->timeLeft()}/{$token->expiryTime()}"; $token->extend(30); $messages[] = "The expiry time can be increased using the extend method: {$token->timeLeft()}/{$token->expiryTime()}"; $messages[] = "You can also invalidate the token immediately. Try refreshing the page ;)"; $request->otpToken()->invalidate(); return implode('', $messages); })->middleware('auth', 'otp'); ``` Contents -------- [](#contents) - [Installation](#installation) - [Configuration](#configuration) - [Usage](#usage) - [Basic Usage](#basic-usage) - [Advanced Usage](#advanced-usage) - [Deeper Knowledge](#deeper-knowledge) - [Changelog](#changelog) - [Testing](#testing) - [Credits](#credits) Installation ------------ [](#installation) 1- Add the package to your dependencies. ``` $ composer require erdemkeren/laravel-otp; ``` 2- Register the package in your `config/app.php` file: *only if you your auto package discovery off.* ``` Erdemkeren\Otp\OtpServiceProvider::class, ``` 3- Publish the components: *Publishes a migration, two views and a configuration file.* ``` $ php artisan vendor:publish ``` 4- Apply the migrations: *Will create a table called `otp_tokens` to store generated token information.* ``` $ php artisan migrate ``` 5- Register the routes: *These routes are required if you are planning to use `otp` middleware.* In your RouteServiceProvider, append the following line inside the `map` method: ``` // App\RouteServiceProvider@map: \Erdemkeren\Otp\OtpRoutes::register(); ``` 6- Register the route middleware: *Register the otp route middleware inside your `App\Http\Kernel`.* ``` /** * The application's route middleware. * * These middleware may be assigned to groups or used individually. * * @var array */ protected $routeMiddleware = [ // [...] 'otp' => \Erdemkeren\Otp\Http\Middleware\Otp::class, ]; ``` Configuration ------------- [](#configuration) This package comes with a set of handy configuration options: **password\_generator**: The password generator option allows you to decide which generator implementation to be used to generate new passwords. Available built-in options: string, numeric and numeric-no-0. default: string **table**: The name of the table to be used to store the otp tokens. default: otp\_tokens **expiry\_time**: The expiry time of the tokens in minutes. default: 15 **default\_channels**: The default notification channels of the token notification. Usage ----- [](#usage) ### Basic Usage [](#basic-usage) After configuring your instance of the package, you can use the built-in `otp` middleware alias to secure your endpoints: ``` Route::get('secret', function (Request $request): string { $request->otpToken()->refresh(); return 'The secret of immortality'; })->middleware('auth', 'otp'); ``` This middleware will redirect any unauthenticated request to the `otp/create` endpoint which we have registered in the installation process: - A password will be generated using the configured password generator. - The authenticated user will be notified about the password via the configured notification channel. - The user will see a form to submit their password. - You can change the appearance of the view under your `resources/views/otp` directory, modifying `create.blade.php` file. - After a successful authentication; the user will be redirected back to the original route they requested at the first step. - The redirected request will also include the `otpToken()` instance being used by the user. ### Advanced Usage [](#advanced-usage) #### Adding the notification channel method: [](#adding-the-notification-channel-method) If you are not using the `mail` channel, or your notification channel is expecting a method different than `mail` or `sms`, you can register your own method like: ``` // AppServiceProvider::register(): TokenNotification::macro('AcmeSms', function () { // $this is TokenNotification class. return $this->notification->code; }); ``` *Don't forget to change your configuration file as well.* #### Using your own password generator: [](#using-your-own-password-generator) To add your own password generator implemetation, you can call `addPasswordGenerator` method on `Otp` service like: ``` // AppServiceProvider::register(): app('otp')->addPasswordGenerator('acme', function (int $length): string { return 'your_implementation'; }); ``` If you need more power, you can also create your own password generator class too: ```