PHPackages mwguerra/email-security-manager - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. mwguerra/email-security-manager ActiveLibrary[Authentication & Authorization](/categories/authentication) mwguerra/email-security-manager =============================== A robust Laravel package for managing email verification, password security, and audit trails v1.0.0(1y ago)71MITPHPPHP ^8.2 Since Dec 5Pushed 1y ago1 watchersCompare [ Source](https://github.com/mwguerra/email-security-manager)[ Packagist](https://packagist.org/packages/mwguerra/email-security-manager)[ RSS](/packages/mwguerra-email-security-manager/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependencies (6)Versions (2)Used By (0) Laravel Email Security Manager ============================== [](#laravel-email-security-manager) [![Latest Version on Packagist](https://camo.githubusercontent.com/397e0c50fc4588db53e1d7157606311722153dee488f70904355cfbef7058cd9/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f6d776775657272612f656d61696c2d73656375726974792d6d616e616765722e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/mwguerra/email-security-manager)[![Total Downloads](https://camo.githubusercontent.com/a302c7090f01edbc712d3c04a361025bf18c4083148f0087b8282107d2cf9606/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6d776775657272612f656d61696c2d73656375726974792d6d616e616765722e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/mwguerra/email-security-manager)[![License](https://camo.githubusercontent.com/2d05b4e9f6b3101445f82b0a96757ac43f4f1a1e3ab30e05ce298b80c476374d/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f6d776775657272612f656d61696c2d73656375726974792d6d616e616765722e7376673f7374796c653d666c61742d737175617265)](LICENSE.md) A comprehensive Laravel package for managing email verification and password security with built-in audit trails. This package helps you enforce security best practices and comply with data protection regulations. Key Features ------------ [](#key-features) - πŸ›‘οΈ **Enhanced Security** - Force periodic email reverification - Require regular password changes - Support for multiple authentication models - Configurable expiry periods - πŸ“Š **Complete Audit Trail** - Track all verification events - Monitor password changes - Record security-related actions - Polymorphic relationships for flexibility - πŸ”„ **Automated Security** - Middleware for automatic checks - Event-driven audit logging - Bulk operation support - Configurable security policies - πŸ“œ **Compliance Ready** - GDPR compliance support - LGPD requirements - CCPA alignment - Security best practices Requirements ------------ [](#requirements) - PHP 8.2 or higher - Laravel 11.0 or higher Installation ------------ [](#installation) ``` composer require mwguerra/email-security-manager ``` Setup ----- [](#setup) 1. Publish the configuration and migrations: ``` php artisan vendor:publish --provider="MWGuerra\EmailSecurityManager\EmailSecurityManagerServiceProvider" ``` 2. Run the migrations: ``` php artisan migrate ``` 3. Add the `HasEmailSecurity` trait to your authenticatable models: ``` use MWGuerra\EmailSecurityManager\Traits\HasEmailSecurity; class User extends Authenticatable { use HasEmailSecurity; } ``` Configuration ------------- [](#configuration) ### Basic Configuration [](#basic-configuration) Configure your authenticatable models and security settings in `config/email-security.php`: ``` return [ // Configure authenticatable models 'authenticatable_models' => [ 'default' => \App\Models\User::class, 'admin' => \App\Models\Admin::class, 'customer' => \App\Models\Customer::class, ], // Set expiry periods 'verification_expiry_days' => env('EMAIL_VERIFICATION_EXPIRY_DAYS', 30), 'password_expiry_days' => env('PASSWORD_EXPIRY_DAYS', 90), // Configure redirect route 'redirect_route' => 'verification.notice', // Routes to skip verification 'skip_routes' => [ 'verification.notice', 'verification.verify', 'verification.send', 'password.request', 'password.reset', 'password.update', 'logout' ], ]; ``` ### Middleware Setup [](#middleware-setup) Add the middleware to your `app/Http/Kernel.php`: ``` protected $routeMiddleware = [ 'verify.email' => \MWGuerra\EmailSecurityManager\Middleware\EmailSecurityMiddleware::class, ]; ``` Usage ----- [](#usage) ### Basic Usage [](#basic-usage) ``` use MWGuerra\EmailSecurityManager\Services\EmailSecurityService; class SecurityController extends Controller { public function __construct( protected EmailSecurityService $securityService ) {} public function requireVerification(User $user) { $this->securityService->requestReverification( authenticatable: $user, reason: 'Security policy update', triggeredBy: auth()->user() ); } } ``` ### Multiple Authentication Models [](#multiple-authentication-models) ``` // Using different authenticatable models $this->securityService ->useAuthenticatable(Admin::class) ->requestReverification($admin); // Or specify in the method call $this->securityService->requestReverification( authenticatable: $customer, authenticatableClass: Customer::class ); ``` ### Bulk Operations [](#bulk-operations) ``` // Force reverification for multiple users $users = User::where('department', 'IT')->get(); $this->securityService->requestReverification( authenticatables: $users, reason: 'Department security update' ); // Request password change for all active admins $admins = Admin::where('is_active', true)->get(); $this->securityService ->useAuthenticatable(Admin::class) ->requestPasswordChange($admins); ``` ### Middleware Usage [](#middleware-usage) ``` // In your routes file Route::middleware(['auth', 'verify.email'])->group(function () { // Protected routes requiring valid email verification }); ``` ### Audit Trail [](#audit-trail) ``` // Get verification history $user->securityAudits()->latest()->get(); // Get recent verifications $user->securityAudits() ->emailVerifications() ->recent() ->get(); // Get password changes $user->securityAudits() ->passwordChanges() ->get(); ``` ### Advanced Features [](#advanced-features) ``` // Custom expiry periods $this->securityService ->setVerificationExpiryDays(60) ->setPasswordExpiryDays(45) ->requestReverification($user); // Get entities requiring action $needsAction = $this->securityService->getAuthenticatablesRequiringAction(); ``` Events ------ [](#events) The package automatically listens for and logs these Laravel events: - `Illuminate\Auth\Events\Verified` - `Illuminate\Auth\Events\PasswordReset` Testing ------- [](#testing) ``` composer test ``` Security -------- [](#security) If you discover any security issues, please email instead of using the issue tracker. Credits ------- [](#credits) - [Marcelo W. Guerra](https://github.com/mwguerra) - [All Contributors](../../contributors) Special Thanks -------------- [](#special-thanks) Special thanks to the [Beer and Code Laravel Community](https://github.com/beerandcodeteam) for all the support, feedback, and great discussions that helped shape this package. Their dedication to sharing knowledge and fostering collaboration in the Laravel ecosystem is truly inspiring. πŸΊπŸ‘¨β€πŸ’» About ----- [](#about) I'm a software engineer specializing in Laravel and PHP development. Visit [mwguerra.com](https://mwguerra.com) to learn more about my work. License ------- [](#license) The MIT License (MIT). Please see [License File](LICENSE.md) for more information. ### Health Score 28 β€” LowBetter than 54% of packages Maintenance41 Moderate activity, may be stable Popularity7 Limited adoption so far Community7 Small or concentrated contributor base Maturity50 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits β€” single point of failure How is this calculated?**Maintenance (25%)** β€” Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** β€” Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** β€” Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** β€” Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 520d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/e5272bc4d88e75a3a196a9b1e4bcfe8e7287045a62e3f1aa995bf94950d2ac2d?d=identicon)[MWGuerra](/maintainers/MWGuerra) --- Top Contributors [![mwguerra](https://avatars.githubusercontent.com/u/27717982?v=4)](https://github.com/mwguerra "mwguerra (17 commits)") ### Code Quality TestsPest ### Embed Badge ![Health badge](/badges/mwguerra-email-security-manager/health.svg) ``` [![Health](https://phpackages.com/badges/mwguerra-email-security-manager/health.svg)](https://phpackages.com/packages/mwguerra-email-security-manager) ``` ### Alternatives [bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth)[olssonm/l5-very-basic-auth Laravel stateless HTTP basic auth without the need for a database 1662.5M1](/packages/olssonm-l5-very-basic-auth)[stechstudio/laravel-jwt Helper package that makes it easy to generate, consume, and protect routes with JWT tokens in Laravel 126117.6k](/packages/stechstudio-laravel-jwt)[scaler-tech/laravel-saml2 SAML2 Service Provider integration for Laravel applications, based on OneLogin toolkit 2737.5k](/packages/scaler-tech-laravel-saml2)[truckersmp/steam-socialite Laravel Socialite provider for Steam OpenID. 1516.7k](/packages/truckersmp-steam-socialite) PHPackages Β© 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)