diadal/google2fa-laravel
Composer 安装命令:
composer require diadal/google2fa-laravel
包简介
A One Time Password Authentication package, compatible with Google Authenticator.
README 文档
README
Google Two-Factor Authentication Package for Laravel Useing web & admin Auth Guard
Google2FA is a PHP implementation of the Google Two-Factor Authentication Module, supporting the HMAC-Based One-time Password (HOTP) algorithm specified in RFC 4226 and the Time-based One-time Password (TOTP) algorithm specified in RFC 6238.
This package is a Laravel bridge to Google2FA's PHP package.
The intent of this package is to create QRCodes for Google2FA and check user typed codes. If you need to create backup/recovery codes, please check below.
Recovery/Backup codes
if you need to create recovery or backup codes to provide a way for your users to recover a lost account, you can use the Recovery Package.
Demos, Example & Playground
Please check the Google2FA Package Playground.
Here's an demo app showing how to use Google2FA: google2fa-example.
You can scan the QR code on this (old) demo page with a Google Authenticator app and view the code changing (almost) in real time.
Compatibility
| Laravel | Google2FA | Google2FA-Laravel |
|---|---|---|
| 4.2 | <= 1.0.1 | |
| 5.0-5.1 | <= 1.0.1 | |
| 5.2-5.6 | >= 2.0.0 | >= 0.2.0 |
Installing
Use Composer to install it:
composer require diadal/google2fa-laravel
If you prefer inline QRCodes instead of a Google generated url, you'll need to install BaconQrCode:
composer require bacon/bacon-qr-code
Installing on Laravel
Laravel 5.5
You don't have to do anything else, this package autoloads the Service Provider and create the Alias, using the new Auto-Discovery feature.
Laravel 5.4 and below
Add the Service Provider and Facade alias to your app/config/app.php (Laravel 4.x) or config/app.php (Laravel 5.x):
Diadal\Google2FALaravel\ServiceProvider::class, 'Diadal2FA' => Diadal\Google2FALaravel\Facade::class,
Publish the config file
php artisan vendor:publish --provider="Diadal\Google2FALaravel\ServiceProvider"
Using It
Use the Facade
use Diadal2FA; return Diadal2FA::generateSecretKey();
In Laravel you can use the IoC Container
$google2fa = app('diadal.google2fa'); return $google2fa->generateSecretKey();
Middleware
This package has a middleware which will help you code 2FA on your app. To use it, you just have to:
Using the middleware
Add the middleware to your Kernel.php:
protected $routeMiddleware = [ ... '2fa' => \Diadal\Google2FALaravel\Middleware::class, ];
Using it in one or more routes:
Route::get('/admin', function () { return view('admin.index'); })->middleware(['auth', '2fa']);
Configuring the view
You can set your 'ask for a one time password' view in the config file (config/google2fa.php):
/** * One Time Password View */ 'view' => 'google2fa.index',
And in the view you just have to provide a form containing the input, which is also configurable:
/** * One Time Password request input name */ 'otp_input' => 'one_time_password',
Here's a form example:
<form action="/google2fa/authenticate" method="POST"> <input name="one_time_password" type="text"> <button type="submit">Authenticate</button> </form>
One Time Password Lifetime
Usually an OTP lasts forever, until the user logs off your app, but, to improve application safety, you may want to re-ask, only for the Google OTP, from time to time. So you can set a number of minutes here:
/** * Lifetime in minutes. * In case you need your users to be asked for a new one time passwords from time to time. */ 'lifetime' => 0, // 0 = eternal
And you can decider whether your OTP will be kept alive while your users are browsing the site or not:
/** * Renew lifetime at every new request. */ 'keep_alive' => true,
Manually logging out from 2Fa
This command wil logout your user and redirect he/she to the 2FA form on the next request:
Google2FA::logout();
If you don't want to use the Facade, you may:
use Diadal\Google2FALaravel\Support\Authenticator; (new Authenticator(request()))->logout();
Events
The following events are fired:
- EmptyOneTimePasswordReceived
- LoggedOut
- LoginFailed
- LoginSucceeded
- OneTimePasswordExpired
- OneTimePasswordRequested
Documentation
Check the ReadMe file in the main Google2FA repository.
Tests
The package tests were written with phpspec.
Author
License
Google2FA is licensed under the MIT License - see the LICENSE file for details
Contributing
Pull requests and issues are more than welcome.
diadal/google2fa-laravel 适用场景与选型建议
diadal/google2fa-laravel 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 10 次下载、GitHub Stars 达 0, 最近一次更新时间为 2018 年 09 月 26 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「Authentication」 「laravel」 「Two Factor Authentication」 「google2fa」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 diadal/google2fa-laravel 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 diadal/google2fa-laravel 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 diadal/google2fa-laravel 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Laravel Authentication package with built-in two-factor (Authy) and social authentication (Socialite).
This package provides Laravel bindings and a Eloquent/Model trait for pragmarx/recovery package.
Automatically logs-in users if they are already authenticated by a remote source. (e.g. environment variable REMOTE_USER)
GraphQL authentication for your headless Craft CMS applications.
Two Captcha
Laravel middleware to restrict a site or specific routes using HTTP basic authentication
统计信息
- 总下载量: 10
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 1
- 点击次数: 4
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: BSD-3-Clause
- 更新时间: 2018-09-26

