PHPackages sanjay-np/laravel-authenticator - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. sanjay-np/laravel-authenticator ActiveLibrary[Authentication & Authorization](/categories/authentication) sanjay-np/laravel-authenticator =============================== A Laravel package for TOTP authentication with QR code scanning capabilities 0.0.1(8mo ago)041MITPHPPHP ^8.3 Since Aug 19Pushed 8mo agoCompare [ Source](https://github.com/sanjay-np/laravel-authenticator)[ Packagist](https://packagist.org/packages/sanjay-np/laravel-authenticator)[ Docs](https://github.com/sanjay-np/laravel-authenticator)[ RSS](/packages/sanjay-np-laravel-authenticator/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependencies (16)Versions (2)Used By (0) Laravel Authenticator ===================== [](#laravel-authenticator) A Laravel package for Time-based One-Time Password (TOTP) authentication with Blade shortcode support and optional QR code display. Features -------- [](#features) - **TOTP generation and verification** using `spomky-labs/otphp`. - **Encrypted secrets** stored via Laravel Crypt. - **Per-client secrets** with active scope and last-used tracking. - **Blade directive** `@totp([...])` to render current code with timer. - **Configurable** period, digits, algorithm, window, QR settings. - **Tested** with Pest + Orchestra Testbench. Requirements ------------ [](#requirements) - **PHP**: ^8.3 - **Laravel**: ^10 || ^11 || ^12 Installation ------------ [](#installation) 1. Install via Composer: ``` composer require sanjay-np/laravel-authenticator ``` 2. Publish only what you need (config or migration): - Publish config only: ``` php artisan vendor:publish --tag=laravel-authenticator-config ``` - Publish migration only: ``` php artisan vendor:publish --tag=laravel-authenticator-migrations ``` This will place: - **Config** at `config/authenticator.php` - **Migration** (timestamped) under `database/migrations` 3. Run migrations: ``` php artisan migrate ``` Configuration ------------- [](#configuration) Update `config/authenticator.php` as needed: - **totp.period**: default 60 seconds - **totp.digits**: default 6 - **totp.algorithm**: `sha1|sha256|sha512` - **totp.window**: allowed drift windows for verification Usage ----- [](#usage) ### Service API [](#service-api) ``` use LaravelAuthenticator\LaravelAuthenticator; $auth = app(\LaravelAuthenticator\LaravelAuthenticator::class); // Create a secret for a client (e.g., user id) $record = $auth->generateClientSecret(clientId: 123, label: 'My Device'); // Get current TOTP code $code = $auth->getCurrentCode($record->secret); // Verify a code $isValid = $auth->verifyCode($record->secret, $code); // Verify by client id via model lookup $isValid = $auth->verifyTotpCode(123, $code); // Data for UI display (timer, progress, etc.) $data = $auth->getClientTotpDisplayData($record->id); ``` ### Facade [](#facade) ``` use LaravelAuthenticator\Facades\LaravelAuthenticator; $secret = LaravelAuthenticator::generateSecret(); ``` ### Blade Directive (Shortcode) [](#blade-directive-shortcode) Render a live-updating code with a progress timer (auto-refresh via page reload each period): ``` @totp(['secret_id' => $secretId, 'display' => 'code', 'show_timer' => 'true']) ``` - **secret\_id**: the `authenticator_secrets.id` value - **display**: `code|qr|both|minimal` (currently `code` is implemented) - **show\_timer**: `true|false` Database -------- [](#database) Table: `authenticator_secrets` - **client\_id**: bigint (application user id or similar) - **secret**: encrypted string via `Crypt` - **label, issuer, algorithm, digits, period, is\_active, last\_used\_at** A migration is provided and can be published using the commands above. Ensure APP\_KEY is set. Testing ------- [](#testing) This package ships with Pest tests. - Run all tests: ``` composer test ``` - With coverage: ``` composer test-coverage ``` Security Considerations ----------------------- [](#security-considerations) - Secrets are encrypted at rest using Laravel Crypt. - Ensure **APP\_KEY** is configured in production. - Consider rotating secrets if compromised and track `last_used_at`. - Limit exposure of raw secrets; `getClientTotpDisplayData` hides secrets by default. Versioning & Release ------------------------ [](#versioning--release) - Follow **SemVer**: `MAJOR.MINOR.PATCH`. - Add changes to a `CHANGELOG.md`. - Tag releases in Git: `git tag vX.Y.Z && git push --tags`. - Configure GitHub Actions (optional) to run tests and build on PRs. ### Suggested GitHub Actions Workflow (optional) [](#suggested-github-actions-workflow-optional) Create `.github/workflows/tests.yml`: ``` name: tests on: [push, pull_request] jobs: pest: runs-on: ubuntu-latest steps: - uses: actions/checkout@v4 - uses: shivammathur/setup-php@v2 with: php-version: '8.3' coverage: xdebug - run: composer install --no-interaction --prefer-dist - run: composer test-coverage ``` License ------- [](#license) MIT ### Health Score 29 — LowBetter than 60% of packages Maintenance60 Regular maintenance activity Popularity4 Limited adoption so far Community7 Small or concentrated contributor base Maturity40 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 265d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/e309e256da17612bd0d4a404f72fcbb9657fd7c91ada5857dfc54ab62eb10cf9?d=identicon)[sanjay-np](/maintainers/sanjay-np) --- Top Contributors [![sanjay-np](https://avatars.githubusercontent.com/u/28804343?v=4)](https://github.com/sanjay-np "sanjay-np (5 commits)") --- Tags laraveltotp-generatorqr codelaraveltotpAuthenticationlaravel-authenticator ### Code Quality TestsPest Static AnalysisPHPStan Code StyleLaravel Pint ### Embed Badge ![Health badge](/badges/sanjay-np-laravel-authenticator/health.svg) ``` [![Health](https://phpackages.com/badges/sanjay-np-laravel-authenticator/health.svg)](https://phpackages.com/packages/sanjay-np-laravel-authenticator) ``` ### Alternatives [jeffgreco13/filament-breezy A custom package for Filament with login flow, profile and teams support. 1.0k1.7M41](/packages/jeffgreco13-filament-breezy)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[spatie/laravel-login-link Quickly login to your local environment 4381.2M1](/packages/spatie-laravel-login-link)[ryangjchandler/laravel-cloudflare-turnstile A simple package to help integrate Cloudflare Turnstile. 438896.6k2](/packages/ryangjchandler-laravel-cloudflare-turnstile)[rawilk/profile-filament-plugin Profile & MFA starter kit for filament. 3911.9k](/packages/rawilk-profile-filament-plugin)[caresome/filament-auth-designer Transform Filament's default auth pages into stunning, brand-ready experiences 3916.8k2](/packages/caresome-filament-auth-designer) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)