PHPackages prazzolgautam62/laravel-security-features - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. prazzolgautam62/laravel-security-features ActiveLibrary[Authentication & Authorization](/categories/authentication) prazzolgautam62/laravel-security-features ========================================= A Laravel package for 2FA via email, login logs, and device management with configurable features. v1.0.18(5mo ago)025MITPHPPHP ^7.2 Since Oct 30Pushed 5mo agoCompare [ Source](https://github.com/prazzolgautam62/laravel-security-features)[ Packagist](https://packagist.org/packages/prazzolgautam62/laravel-security-features)[ RSS](/packages/prazzolgautam62-laravel-security-features/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependencies (7)Versions (20)Used By (0) Laravel Security Features Package ================================= [](#laravel-security-features-package) This package enhances Laravel applications with advanced security features including email verification, two-factor authentication (2FA), login logging, and device management. It is designed for Laravel 6.2 and supports PHP versions 7.2 to 7.4. The package assumes a `users` table exists in your database. Features -------- [](#features) - **Email Verification Middleware**: Ensures users verify their email addresses before accessing specific protected routes. - **Two-Factor Authentication (2FA)**: Adds an extra layer of security by requiring a verification code sent to the user's email. (if enabled in config and by user both.) - **Login Logs**: Tracks user login activities (if enabled). - **Device Management**: Manages and verifies devices used for login, preventing unauthorized access from unrecognized devices. Requirements ------------ [](#requirements) - PHP 7.2, 7.3, or 7.4 - A `users` table in your database with an `email_verified_at` column Installation ------------ [](#installation) Follow these steps to install and configure the package in your Laravel application: 1. **Install the Package** ``` composer require prajwol/laravel-security-features ``` 2. **Publish Config, Views, Routes, and Controller** ``` php artisan vendor:publish --tag=config php artisan vendor:publish --tag=views php artisan vendor:publish --tag=routes php artisan vendor:publish --tag=controller (only in dev on first install) ``` 3. **Run Migrations** ``` php artisan migrate ``` 4. **.env Configuration** ``` SECURITY_EMAIL_VERIFY=false SECURITY_2FA=false SECURITY_LOGIN_LOGS=false SECURITY_DEVICE_MANAGEMENT=false VERIFICATION_CODE_EXPIRY=2 SECURITY_2FA_VALIDITY_DAYS=30 SECURITY_OTP_LENGTH=6 SECURITY_SUPERADMIN_EMAIL_TO=no-reply@laravelsecurity.com SECURITY_PLATFORM_NAME='Laravel Security' ``` 5. **Using the Middleware**A middleware named `laravel-security-feature.email-verified` is automatically registered. You can use it to protect routes that require verified emails: 6. **LoginController Integration**Use the provided trait in your controller: ``` use Prajwol\LaravelSecurityFeatures\Traits\HandlesSecurityFeatures; class LoginController extends Controller { use HandlesSecurityFeatures; public function login(Request $request) { if (Auth::attempt($request->only('email', 'password'))) { $response = $this->handlePostLogin($request); if ($response) return $response; $token = Auth::user()->createToken('access_token')->accessToken; return response()->json(['token' => $token], 200); } return response()->json(['message' => 'Invalid credentials'], 401); } } ``` 7. **Available API Routes** ``` Route::post('/laravel-security-feature/verify', [LaravelSecurityFeatureController::class, 'verify']); Route::post('/laravel-security-feature/changeEmailAndSendOtp/{user_id}', [LaravelSecurityFeatureController::class, 'changeEmailAndSendOtp']); Route::post('/laravel-security-feature/verifyEmailOnly/{user_id}', [LaravelSecurityFeatureController::class, 'verifyEmailOnlyForUser']); ``` Configuration File (`config/security-features.php`) --------------------------------------------------- [](#configuration-file-configsecurity-featuresphp) ``` return [ 'enable_email_verify' => env('SECURITY_EMAIL_VERIFY', false), 'enable_2fa' => env('SECURITY_2FA', false), 'enable_login_logs' => env('SECURITY_LOGIN_LOGS', false), 'enable_device_management' => env('SECURITY_DEVICE_MANAGEMENT', false), 'user_model' => 'App\\Models\\User', 'verification_code_expiry' => 10, 'device_identifier' => 'user_agent', 'email_from' => env('MAIL_FROM_ADDRESS', 'no-reply@laravelsecurity.com'), '2fa_validity_days' => env('SECURITY_2FA_VALIDITY_DAYS', 30), 'otp_length' => env('SECURITY_OTP_LENGTH',6), 'superadmin_email_to' => env('SECURITY_SUPERADMIN_EMAIL_TO', 'no-reply@laravelsecurity.com'), ]; ``` How It Works ------------ [](#how-it-works) 1. **Post Login Checks** - Validates 2FA, device, and email verification logic after successful login. 2. **Verification Flow** - Users receive a 6-digit verification code. - The `/verify` endpoint confirms identity and updates records. 3. **Device Management** - Identifies devices using `user_agent` or `user_agent_ip`. - Creates/updates records in `user_devices`. 4. **Email Verification Middleware** - Protects sensitive routes. - Automatically denies unverified users. Support ------- [](#support) For issues or feature requests, visit [GitHub](https://github.com/prazzolgautam62/laravel-security-features) or email ****. ### Health Score 32 — LowBetter than 72% of packages Maintenance70 Regular maintenance activity Popularity7 Limited adoption so far Community6 Small or concentrated contributor base Maturity39 Early-stage or recently created project Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~1 days Total 19 Last Release 175d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/06bd8ef8ce13cf1140a812dc400a58bc4783bf471d11d10eaa16e45de25d1c01?d=identicon)[prazzolgautam62](/maintainers/prazzolgautam62) --- Top Contributors [![prazzolgautam62](https://avatars.githubusercontent.com/u/41408234?v=4)](https://github.com/prazzolgautam62 "prazzolgautam62 (26 commits)") ### Embed Badge ![Health badge](/badges/prazzolgautam62-laravel-security-features/health.svg) ``` [![Health](https://phpackages.com/badges/prazzolgautam62-laravel-security-features/health.svg)](https://phpackages.com/packages/prazzolgautam62-laravel-security-features) ``` ### Alternatives [laravel/pulse Laravel Pulse is a real-time application performance monitoring tool and dashboard for your Laravel application. 1.7k12.1M99](/packages/laravel-pulse)[mongodb/laravel-mongodb A MongoDB based Eloquent model and Query builder for Laravel 7.1k7.2M71](/packages/mongodb-laravel-mongodb)[roots/acorn Framework for Roots WordPress projects built with Laravel components. 9682.1M97](/packages/roots-acorn)[aedart/athenaeum Athenaeum is a mono repository; a collection of various PHP packages 245.2k](/packages/aedart-athenaeum)[laragear/two-factor On-premises 2FA Authentication for out-of-the-box. 339785.3k8](/packages/laragear-two-factor)[flarum/core Delightfully simple forum software. 211.3M1.9k](/packages/flarum-core) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)