/nova-google2fa

This package provides Google2FA support to Laravel Nova.

Primary LanguagePHP

LifeOnScreen/nova-google2fa

This package enforces 2FA for Laravel Nova.

Upgrade from 0.0.7 to 1.0.0

Upgrade guide is available Here.

Flow

Activation

  • User gets recovery codes.

Recovery codes

  • User activates 2FA on his device.

Activate 2FA

Verification

  • User verifies login with 2FA.

Enter 2FA

Recovery

  • If user enters invalid code, recovery button is shown.

Enter 2FA

  • User enters recovery code.

Enter 2FA

  • User is redirected to activation process.

Installation

Install via composer

$ composer require lifeonscreen/nova-google2fa

Publish config and migrations

$ php artisan vendor:publish --provider="Lifeonscreen\Google2fa\ToolServiceProvider"

Run migrations

$ php artisan migrate

Add relation to User model

use Lifeonscreen\Google2fa\Models\User2fa;

...

/**
 * @return HasOne
 */
public function user2fa(): HasOne
{
    return $this->hasOne(User2fa::class);
}

Add middleware to nova.config.

[
    ...
    'middleware' => [
        ...
        \Lifeonscreen\Google2fa\Http\Middleware\Google2fa::class,
        ...
    ],
]

Config

return [
    /**
     * Disable or enable middleware.
     */
    'enabled' => env('GOOGLE_2FA_ENABLED', true),

    'models' => [
        /**
         * Change this variable to path to user model.
         */
        'user' => 'App\User',
        
        /**
         * Change this if you need a custom connector
         */
        'user2fa' => User2fa::class,
    ],
    'tables' => [
        /**
         * Table in which users are stored.
         */
        'user' => 'users',
    ],

    'recovery_codes' => [
        /**
         * Number of recovery codes that will be generated.
         */
        'count'          => 8,

        /**
         * Number of blocks in each recovery code.
         */
        'blocks'         => 3,

        /**
         * Number of characters in each block in recovery code.
         */
        'chars_in_block' => 16,

        /**
         * The following algorithms are currently supported:
         *  - PASSWORD_DEFAULT
         *  - PASSWORD_BCRYPT
         *  - PASSWORD_ARGON2I // available from php 7.2
         */
        'hashing_algorithm' => PASSWORD_BCRYPT,
    ],
];

Security

If you discover any security-related issues, please email the author instead of using the issue tracker.

Credits

License

MIT license. Please see the license file for more information.