PHPackages                             listra/twofa - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication & Authorization](/categories/authentication)
4. /
5. listra/twofa

ActiveLibrary[Authentication & Authorization](/categories/authentication)

listra/twofa
============

working with 2fa use laravel passport

2.0.0(1y ago)08MITPHPPHP ^7.4|^8.0

Since Aug 12Pushed 1y agoCompare

[ Source](https://github.com/marcoalmeidalistra/listra-laravel-passport-2fa)[ Packagist](https://packagist.org/packages/listra/twofa)[ RSS](/packages/listra-twofa/feed)WikiDiscussions master Synced 1mo ago

READMEChangelog (2)Dependencies (4)Versions (3)Used By (0)

Package to work with two-factor authentication along with laravel passport

In your Users model you should add

```
       use TwoFactorAuthentication

```

run the migrations

```
        php artisan migrate

```

they will add three fields to the users table,also add them to fillable

```
        'google2fa_secret',
        'google2fa_recovery_codes',
        'google2fa_enable',

```

You now have these routers available, routers are secured by default Route::middleware('auth:api')

```
        POST      two-factor-authentication
        DELETE    two-factor-authentication/{user}
        GET|HEAD  two-factor-qr-code
        GET|HEAD  two-factor-recovery-codes

```

How it works

We always get a unique ik-svu until it is enabled. Enabled using a code obtained from the Google authorization of the application

```
        GET|HEAD  two-factor-qr-code

```

Enables and disables 2FA, but backup codes can be used to disable it.

```
        POST      two-factor-authentication
        DELETE    two-factor-authentication/{user}

```

List of backup codes, they have statuses for display on the frontend.

```
      GET|HEAD  two-factor-recovery-codes

        {
        "code": "DiAHiXyqsV-PZ2grE1huc",
        "active": false
        },
        {
        "code": "jqzDmcYYmA-xCQiU75dyJ",
        "active": true
        },

```

Now, when authorizing through a passport, you will have to add a code field to the request body. This is the code from the Google application or the backup code.

This should work. When an access request comes in, we check to see if 2AF is enabled. Return if "status2FA" is enabled: true.

further in the request body you have to send

Example for auth url oauth/token

```
    "grant_type" : "password",
    "client_id" : "2",
    "client_secret" : "6wAGwcP98VT90S5biQZjREIq4udQ7EhmwNrUzBkV",
    "username": "amosciski@example.com",
    "password": "password",
    "scope": "",
    "code":"DiAHiXyqsV-PZ2grE1huc"

```

Then you can get a token for further work.

###  Health Score

24

—

LowBetter than 32% of packages

Maintenance34

Infrequent updates — may be unmaintained

Popularity4

Limited adoption so far

Community6

Small or concentrated contributor base

Maturity46

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~0 days

Total

2

Last Release

643d ago

Major Versions

1.0.0 → 2.0.02024-08-12

### Community

Maintainers

![](https://www.gravatar.com/avatar/98d44b014b1316a022661e4faa32073be617d21f01fbeba5dde0d685172a2d4a?d=identicon)[marcoalmeidalistra](/maintainers/marcoalmeidalistra)

---

Top Contributors

[![marcoalmeidalistra](https://avatars.githubusercontent.com/u/177877917?v=4)](https://github.com/marcoalmeidalistra "marcoalmeidalistra (2 commits)")

### Embed Badge

![Health badge](/badges/listra-twofa/health.svg)

```
[![Health](https://phpackages.com/badges/listra-twofa/health.svg)](https://phpackages.com/packages/listra-twofa)
```

###  Alternatives

[jeffgreco13/filament-breezy

A custom package for Filament with login flow, profile and teams support.

1.0k1.7M41](/packages/jeffgreco13-filament-breezy)[laragear/two-factor

On-premises 2FA Authentication for out-of-the-box.

339785.3k8](/packages/laragear-two-factor)[corbosman/laravel-passport-claims

Add claims to Laravel Passport JWT Tokens

88655.9k](/packages/corbosman-laravel-passport-claims)[visanduma/nova-two-factor

Nova Two Factor Authentication

56621.3k](/packages/visanduma-nova-two-factor)[jeremy379/laravel-openid-connect

OpenID Connect support to the PHP League's OAuth2 Server. Compatible with Laravel Passport.

55342.3k2](/packages/jeremy379-laravel-openid-connect)[stephenjude/filament-two-factor-authentication

Filament Two Factor Authentication: Google 2FA + Passkey Authentication

81158.7k4](/packages/stephenjude-filament-two-factor-authentication)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)