This package adds more secure authentication in Laravel.
composer require ikepu-tp/laravel-secure-auth
php artisan migrate
php artisan vendor:publish --tags=SecureAuth-config
Change the configuration as necessary.
key entries | description |
---|---|
expires_minitues | token_expires_minutes |
token_digits | number of digits in token |
loginCallback | function of login process |
login_history | Whether to record login history or not |
login_email | send an email which notify login |
Important
Set up the login handling function in the loginCallback
configuration file.
/**
* Handle an incoming authentication request.
*/
public function store(LoginRequest $request): RedirectResponse
{
$user = User::query()
->where("email", $request->validated("email"))
->first();
if (!$user || !Hash::check($request->validated("password"), $user->password)) throw new UnauthorizedException();
return \ikepu_tp\SecureAuth\app\Http\Services\TfaService::make($user, $request->validated("remember", false));
}
Important
Issue a login event during the login process.
public function login(User $user)
{
session()->regenerate();
event(new \ikepu_tp\SecureAuth\app\Events\LoginEvent($user));
\Illuminate\Support\Facades\Auth::guard($guard)->login($user, $remember);
}
We welcome contributions to the project! You can get involved through the following ways:
Issue: Use for bug reports, feature suggestions, and more. Pull Requests: We encourage code contributions for new features and bug fixes.
See LICENSE.