How to Use the Google2FA-Laravel Package
Google2FA-Laravel is a package that integrates Google Two-Factor Authentication (2FA) into your Laravel application. Here’s a step-by-step guide on how to set it up and use it:
Installation
1. Install via Composer:
composer require pragmarx/google2fa-laravel
2. Service Provider (Laravel 5.4 and below): Add the Service Provider and Facade alias to config/app.php
PragmaRX\Google2FALaravel\ServiceProvider::class,
'Google2FA' => PragmaRX\Google2FALaravel\Facade::class,
3. Publish Configuration
php artisan vendor:publish --provider="PragmaRX\Google2FALaravel\ServiceProvider"
Basic Usage
4. Generate Secret Key:
use Google2FA; $secret = Google2FA::generateSecretKey();
5. Create QR Code: You can create a QR code for users to scan with Google Authenticator.
6. Verify User Input:
$valid = Google2FA::verifyKey($secret, $userInput);
Middleware Integration
1. Add Middleware to Kernel:
protected $routeMiddleware = [
'2fa' => \PragmaRX\Google2FALaravel\Middleware::class,
];
2. Apply Middleware to Routes:
Route::get('/admin', function () {
return view('admin.index');
})->middleware(['auth', '2fa']);
Advanced Features
1. Custom QR Code Backend:
Google2FA::setQRCodeBackend('svg');
2. OTP Lifetime Configuration:
'lifetime' => 0, // 0 = eternal
'keep_alive' => true,
3. Logout from 2FA:
Google2FA::logout();
4. Throttle Login Attempts: Use Laravel’s route throttle middleware:
Route::middleware(['throttle'])->group(function () {
// routes
});
Stateless Usage
1. Stateless Middleware:
protected $routeMiddleware = [
'2fa' => \PragmaRX\Google2FALaravel\MiddlewareStateless::class,
];
By following these steps, you can effectively integrate and manage Google 2FA in your Laravel application to enhance security. For more details, visit the GitHub repository.