PHPackages                             walkweltech/laravel-otp - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. walkweltech/laravel-otp

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

walkweltech/laravel-otp
=======================

Secure your laravel routes with otps. (one time passwords)

v3.0.5(5y ago)054MITPHPPHP ^7.2.5

Since Nov 8Pushed 5y agoCompare

[ Source](https://github.com/walkwel-tech/laravel-otp)[ Packagist](https://packagist.org/packages/walkweltech/laravel-otp)[ Docs](https://github.com/walkwel-tech/laravel-otp)[ RSS](/packages/walkweltech-laravel-otp/feed)WikiDiscussions master Synced 3w ago

READMEChangelogDependencies (9)Versions (12)Used By (0)

Laravel OTP
===========

[](#laravel-otp)

This is a fork of [original](https://github.com/erdemkeren/laravel-otp) because at the point of inception original did not had Laravel 8 Support. Also new features as they come are planned to be added into this fork.

[![Latest Version on Packagist](https://camo.githubusercontent.com/15d7d50a3790c2b1a9e004eda6a68b2b9189fb1b22038adb8d76b6916ad845c9/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f77616c6b77656c746563682f6c61726176656c2d6f74702e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/walkweltech/laravel-otp)[![Software License](https://camo.githubusercontent.com/55c0218c8f8009f06ad4ddae837ddd05301481fcf0dff8e0ed9dadda8780713e/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f6c6963656e73652d4d49542d627269676874677265656e2e7376673f7374796c653d666c61742d737175617265)](LICENSE.md)[![Build Status](https://camo.githubusercontent.com/ab4125be681ad4ab222d362e9602b05de1cae8aa4f7a141b2026dd32d127b51d/68747470733a2f2f696d672e736869656c64732e696f2f7472617669732f77616c6b77656c746563682f6c61726176656c2d6f74702f6d61737465722e7376673f7374796c653d666c61742d737175617265)](https://travis-ci.org/walkweltech/laravel-otp)[![StyleCI](https://camo.githubusercontent.com/b11c11b40faf396b477ce837340f3863a63420094364aa82a2aef51636624bdd/68747470733a2f2f7374796c6563692e696f2f7265706f732f3135363639383736392f736869656c643f6272616e63683d6d6173746572)](https://styleci.io/repos/156698769)[![Quality Score](https://camo.githubusercontent.com/1d55d44781c858299f8d207ab6d2674f960fc0b92944c426ee264914436efd92/68747470733a2f2f696d672e736869656c64732e696f2f7363727574696e697a65722f672f77616c6b77656c746563682f6c61726176656c2d6f74702e7376673f7374796c653d666c61742d737175617265)](https://scrutinizer-ci.com/g/walkweltech/laravel-otp)[![Code Coverage](https://camo.githubusercontent.com/07895e907725b7ab31fd8d2a3c56223cc6be8846a78b3d76b71b97ee039acc70/68747470733a2f2f696d672e736869656c64732e696f2f7363727574696e697a65722f636f7665726167652f672f77616c6b77656c746563682f6c61726176656c2d6f74702f6d61737465722e7376673f7374796c653d666c61742d737175617265)](https://scrutinizer-ci.com/g/walkweltech/laravel-otp/?branch=master)[![Total Downloads](https://camo.githubusercontent.com/7ca69b54445950b36ce87fc50171c6f9d6e77acc89ab27dcecba91b3e7fe36f9/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f77616c6b77656c746563682f6c61726176656c2d6f74702e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/walkweltech/laravel-otp)

This package allows you to secure your resources with one time password access (otp).

Example Usage:

```
Route::get('secret', function (\Illuminate\Http\Request $request): string {
    $token = $request->otpToken();
    $messages[] = "The otp token {$token} has {$token->timeLeft()} out of {$token->expiryTime()} seconds.";

    $token->refresh();
    $messages[] = "The time left can be reset using the refresh method: {$token->timeLeft()}/{$token->expiryTime()}";

    $token->extend(30);
    $messages[] = "The expiry time can be increased using the extend method: {$token->timeLeft()}/{$token->expiryTime()}";

    $messages[] = "You can also invalidate the token immediately. Try refreshing the page ;)";
    $request->otpToken()->invalidate();

    return implode('', $messages);
})->middleware('auth', 'otp');
```

Contents
--------

[](#contents)

- [Installation](#installation)
- [Configuration](#configuration)
- [Usage](#usage)
    - [Basic Usage](#basic-usage)
    - [Advanced Usage](#advanced-usage)
    - [Deeper Knowledge](#deeper-knowledge)
- [Changelog](#changelog)
- [Testing](#testing)
- [Credits](#credits)

Installation
------------

[](#installation)

1- Add the package to your dependencies.

```
$ composer require walkweltech/laravel-otp;

```

2- Register the package in your `config/app.php` file:

*only if you your auto package discovery off.*

```
WalkwelTech\Otp\OtpServiceProvider::class,
```

3- Publish the components:

*Publishes a migration, two views and a configuration file.*

```
$ php artisan vendor:publish

```

4- Apply the migrations:

*Will create a table called `otp_tokens` to store generated token information.*

```
$ php artisan migrate

```

5- Register the routes:

*These routes are required if you are planning to use `otp` middleware.*

In your RouteServiceProvider, append the following line inside the `map` method:

```
// App\RouteServiceProvider@map:
\WalkwelTech\Otp\OtpRoutes::register();
```

6- Register the route middleware:

*Register the otp route middleware inside your `App\Http\Kernel`.*

```
/**
 * The application's route middleware.
 *
 * These middleware may be assigned to groups or used individually.
 *
 * @var array
 */
protected $routeMiddleware = [
    // [...]
    'otp' => \WalkwelTech\Otp\Http\Middleware\Otp::class,
];
```

Configuration
-------------

[](#configuration)

This package comes with a set of handy configuration options:

**password\_generator**: The password generator option allows you to decide which generator implementation to be used to generate new passwords.

Available built-in options: string, numeric and numeric-no-0. default: string

**table**: The name of the table to be used to store the otp tokens.

default: otp\_tokens

**expiry\_time**: The expiry time of the tokens in minutes.

default: 15

**default\_channels**: The default notification channels of the token notification.

Usage
-----

[](#usage)

### Basic Usage

[](#basic-usage)

After configuring your instance of the package, you can use the built-in `otp` middleware alias to secure your endpoints:

```
Route::get('secret', function (Request $request): string {
    $request->otpToken()->refresh();

    return 'The secret of immortality';
})->middleware('auth', 'otp');
```

This middleware will redirect any unauthenticated request to the `otp/create` endpoint which we have registered in the installation process:

- A password will be generated using the configured password generator.
- The authenticated user will be notified about the password via the configured notification channel.
- The user will see a form to submit their password.
- You can change the appearance of the view under your `resources/views/otp` directory, modifying `create.blade.php` file.
- After a successful authentication; the user will be redirected back to the original route they requested at the first step.
- The redirected request will also include the `otpToken()` instance being used by the user.

### Advanced Usage

[](#advanced-usage)

#### Adding the notification channel method:

[](#adding-the-notification-channel-method)

If you are not using the `mail` channel, or your notification channel is expecting a method different than `mail` or `sms`, you can register your own method like:

```
// AppServiceProvider::register():
TokenNotification::macro('AcmeSms', function () {
    // $this is TokenNotification class.
    return $this->notification->code;
});
```

*Don't forget to change your configuration file as well.*

#### Using your own password generator:

[](#using-your-own-password-generator)

To add your own password generator implemetation, you can call `addPasswordGenerator` method on `Otp` service like:

```
// AppServiceProvider::register():
app('otp')->addPasswordGenerator('acme', function (int $length): string {
    return 'your_implementation';
});
```

If you need more power, you can also create your own password generator class too:

```
