Laravel 6 + Google Authenticator 2FA

Example Laravel project with Google Authenticator 2FA

Dependencies

laravel/ui to install the frontend scaffolding
pragmarx/google2fa-laravel to enable Google 2FA secret and QR code

Keys files

app/Http/Controllers/Auth/Google2FAController.php
app/Http/Controllers/Auth/LoginController.php
database/migrations/2019_10_18_001813_add_google2fa_secret_to_users_table.php
resources/views/auth/google2fa/activate.blade.php
resources/views/auth/google2fa/deactivate.blade.php
resources/views/auth/google2fa/login.blade.php
routes/web.php

Steps to set up

Set up Google Authenticator 2FA

Create Laravel 6 project
```
laravel new my-project
cd my-project
```

Install the Laravel frontend scaffolding

composer require laravel/ui --dev
php artisan ui vue --auth
npm install & npm run dev

Install pragmarx/google2fa-laravel to enable 2FA

composer require pragmarx/google2fa-laravel --dev

Publish the config file if custom settings are required (optional)

php artisan vendor:publish --provider="PragmaRX\Google2FALaravel\ServiceProvider"

Create database migration to store 2FA secret

php artisan make:migration add_google2fa_secret_to_users_table

Edit migration file

Schema::table('users', function (Blueprint $table) {
-   //
+   $table->string('google2fa_secret')->nullable()->after('password');
});

Schema::table('users', function (Blueprint $table) {
-   //
+   $table->dropColumn('google2fa_secret');
});

Allow user to activate 2FA

Edit routes/web.php

+ Route::get('/2fa/activate', [Google2FAController::class, 'activate2FA'])->name('2fa.activate');
+ Route::post('/2fa/activate', [Google2FAController::class, 'assign2FA']);

Activation flow. See app/Http/Controllers/Auth/Google2FAController.php
1. Generate secret key
2. Save to session temporarily
3. Generate QR code
4. Show QR code and secret to user
5. User install Google 2FA app on mobile device (if not installed)
6. User scan QR code (or, manually add secret)
7. User input 2FA code to verify
8. If 2FA code is not verified, show error and repeat step iv
9. If 2FA code is verified, save 2FA secret to user - activation is complete
Add view to activate 2FA. See resources/views/auth/google2fa/activate.blade.php

Allow user to deactivate 2FA

Edit routes/web.php

+ Route::get('/2fa/deactivate', [Google2FAController::class, 'deactivate2FA'])->name('2fa.deactivate');

Delete 2FA secret from user. See app/Http/Controllers/Auth/Google2FAController.php
Add view to deactivate 2FA. See resources/views/auth/google2fa/deactivate.blade.php

Allow user to verify 2FA

Edit routes/web.php

+ Route::get('/2fa/login', [Google2FAController::class, 'login2FA'])->name('2fa.login');
+ Route::post('/2fa/login', [Google2FAController::class, 'verify2FA']);

Redirect user to 2FA form after login with password. See app/Http/Controllers/Auth/LoginController.php
Verify 2FA code, and login user if successful. See app/Http/Controllers/Auth/Google2FAController.php
Add views to login with 2FA. See resources/views/auth/google2fa/login.blade.php

Best laravel framework open-source packages.

Example laravel google authenticator

Laravel 6 + Google Authenticator 2FA

Dependencies

Keys files

Steps to set up

Set up Google Authenticator 2FA

Allow user to activate 2FA

Allow user to deactivate 2FA

Allow user to verify 2FA

Brandon Lim