PHPackages                             yossivic/otp - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. yossivic/otp

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

yossivic/otp
============

A simple package for generating and validating OTP (One Time Password) for Laravel

v1.3.2(5mo ago)66MITPHPPHP &gt;=8.1

Since Nov 23Pushed 5mo ago1 watchersCompare

[ Source](https://github.com/Mohamedyousef44/Laravel-OTP)[ Packagist](https://packagist.org/packages/yossivic/otp)[ RSS](/packages/yossivic-otp/feed)WikiDiscussions main Synced 1mo ago

READMEChangelog (5)Dependencies (1)Versions (6)Used By (0)

Laravel OTP Package
===================

[](#laravel-otp-package)

A lightweight and flexible Laravel package for generating and validating one-time passwords (OTP).
Supports storage drivers (**cache** and **database**), secure hashing, configurable expiry, and customizable OTP format.

---

Features
--------

[](#features)

- Secure hashing (no plain OTP stored)
- Supports **cache** and **database** storage drivers
- Configurable OTP length and type (numeric / alphanumeric / hex)
- Expiry control (minutes or seconds)
- Pluggable repository pattern (swap storage without changing code)
- Returns structured validation response (`['valid' => bool, 'message' => string]`)
- Optional Facade: `Otp::generate()` / `Otp::validate()`
- Publishable config and (optional) migrations

---

Installation
------------

[](#installation)

Install via Composer:

```
composer require yossivic/otp
```

Publish Configuration
---------------------

[](#publish-configuration)

```
php artisan vendor:publish --tag=otp-config
```

This copies the package config to:

```
config/otp.php

```

Database Storage Setup (optional)
---------------------------------

[](#database-storage-setup-optional)

If you want persistent OTP storage (database) instead of cache (is default value):

1. Publish migrations (if you included them)

```
php artisan vendor:publish --tag=otp-migrations
```

This should copy migration file(s) into:

```
database/migrations/2025_xx_xx_xxxxxx_create_otps_table.php

```

2.Migrate

```
php artisan migrate
```

Usage
-----

[](#usage)

You can use the service either by resolving from the container (dependency injection / app()) or via the facade.

The service returns OTP (string) on generation and a structured array on validation:

```
[
  'valid' => true|false,
  'message' => '...'
]

```

1. Using Dependency Injection (recommended)

```
namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Yossivic\Otp\Services\OtpService;

class OtpController extends Controller
{
    protected OtpService $otpService;

    public function __construct(OtpService $otpService)
    {
        $this->otpService = $otpService;
    }

    public function generate(Request $request)
    {
        $identifier = $request->input('identifier'); // e.g. user id, email, phone
        $otp = $this->otpService->generate($identifier);

        // Send OTP to user via your chosen channel (outside this package)
        return response()->json(['otp' => $otp]);
    }

    public function validate(Request $request)
    {
        $identifier = $request->input('identifier');
        $code = $request->input('otp');

        $result = $this->otpService->validate($identifier, $code);

        if ($result['valid']) {
            return response()->json(['message' => 'OTP valid']);
        }

        return response()->json(['message' => $result['message']], 422);
    }
}
```

Manual resolution (anywhere in code):

```
$otpService = app(\Yossivic\Otp\Services\OtpService::class);

$otp = $otpService->generate('user_123');           // returns generated OTP (string)
$result = $otpService->validate('user_123', '123456'); // returns ['valid'=>..., 'message'=>...]
```

2. Using the Facade (shortcut)

```
use Otp;

$otp = Otp::generate('user_123');

$result = Otp::validate('user_123', '123456');

if ($result['valid']) {
    // success
} else {
    // $result['message'] explains the failure (expired, not found, max attempts, invalid)
}
```

Repository switching (cache vs db)
----------------------------------

[](#repository-switching-cache-vs-db)

Switch storage by editing

```
config/otp.php:

// cache (fast, recommended)
'repository' => 'cache',

// or for persistent storage
'repository' => 'db',

```

Contributing
------------

[](#contributing)

I am not perfect. please open an issue to discuss major features or you have any suggestion to improve.

###  Health Score

35

—

LowBetter than 80% of packages

Maintenance70

Regular maintenance activity

Popularity9

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity47

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~0 days

Total

5

Last Release

175d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/94fa9b82d694ba7b7b7df85e85e0dbd4f1f9ccfde26965a552aed293d15bfaf4?d=identicon)[Mohamedyousef44](/maintainers/Mohamedyousef44)

---

Top Contributors

[![Mohamedyousef44](https://avatars.githubusercontent.com/u/122277647?v=4)](https://github.com/Mohamedyousef44 "Mohamedyousef44 (1 commits)")

---

Tags

laravelotpsecurityAuthentication

### Embed Badge

![Health badge](/badges/yossivic-otp/health.svg)

```
[![Health](https://phpackages.com/badges/yossivic-otp/health.svg)](https://phpackages.com/packages/yossivic-otp)
```

###  Alternatives

[salehhashemi/laravel-otp-manager

Laravel OTP manager

18713.2k](/packages/salehhashemi-laravel-otp-manager)[rinvex/laravel-authy

Rinvex Authy is a simple wrapper for Authy TOTP, the best rated Two-Factor Authentication service for consumers, simplest 2fa Rest API for developers and a strong authentication platform for the enterprise.

3376.7k1](/packages/rinvex-laravel-authy)[alajusticia/laravel-logins

Session management in Laravel apps, user notifications on new access, support for multiple separate remember tokens, IP geolocation, User-Agent parser

2011.0k](/packages/alajusticia-laravel-logins)[hosseinhezami/laravel-permission-manager

Advanced permission manager for Laravel.

403.3k](/packages/hosseinhezami-laravel-permission-manager)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)