nextvikas/laravel-google-authenticator

Google Authenticator two-step verification for your Laravel application

dev-main 2024-09-26 03:59 UTC

This package is auto-updated.

Last update: 2024-09-26 03:59:46 UTC


README


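This package provides seamless integration of Google Authenticator for two-step verification in Laravel applications. It strengthens security by requiring users to enter, in addition to their primary login credentials, a time-based one-time password (TOTP) generated by the Google Authenticator app. This adds an extra layer of protection against unauthorized access. The package offers an easy-to-use API that simplifies implementing two-factor authentication (2FA), including features such as QR code generation and token verification.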

Requirements

The current requirements for this package are


  • Laravel >= 7.x
  • PHP >= 7.4

Installation

1. Add to composer.json

composer require "nextvikas/laravel-google-authenticator @dev"

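2. Publish the files with the artisan vendor:publish command. For packages, you typically use vendor:publish to copy files such as migrations or configuration files from nextvikas/laravel-google-authenticator into your application.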

php artisan vendor:publish --provider="Nextvikas\Authenticator\AuthenticatorServiceProvider"

3. Run the migration

php artisan migrate --path=\vendor\nextvikas\laravel-google-authenticator\database\migrations\2024_09_22_000000_add_authenticator_columns_to_users.php

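Documentation

Once the extension is installed, simply add the Authenticator middleware wherever you want protection, and the work is done; Authenticator takes over from there...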

Route::middleware(['authenticator:admin'])->group(function () {
  Route::get('/', [AccountController::class, 'index']);
});

Or you can use multiple middleware in the same file

Route::middleware([ExampleMiddleware::class,'authenticator:admin'])->group(function () {
  Route::get('/', [AccountController::class, 'index']);
});

Or you can apply the middleware to a single route in the same file

Route::get('/admin', [AccountController::class, 'index'])->middleware('authenticator:admin');

Or like this

Route::get('/account', [AccountController::class, 'index'])->middleware('authenticator:account');

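Note: whatever name you write after 'authenticator:' in the middleware must be included in the configuration file 'config\authenticator.php'.

Simply change the default configuration values in the config\authenticator.php file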

<?php
// config\authenticator.php

return [
    /*
    * This format will be displayed in the Google Authenticator app. You can customize the name however you like, and you can include user fields in the format {field}. For example, you can add {email}, {username}, {phone}, and so on.
    */
    'app_format' => 'Appname: {username}',


    /*
    * You can pass parameters to middleware in Laravel using a format like 'authenticator:admin'. 
    * Please note that whatever value you specify here will be received in your middleware. For instance, 
    * if you write 'newsecure', your middleware should be set up to handle it as 'authenticator:newsecure'.
    */
    'admin' => [
        // Determines whether the verification process is enabled. 
        // It pulls the value from the environment file (.env), with a default value of 'true' if not set.
        'enabled' => true,
   
        // The route name for the login page. 
        // This specifies where the user will be redirected for login, with a default route 'admin.login'.
        'login_route_name' => 'admin.login',
    
        // The name of the guard used for login. 
        // It is pulled from the .env file with 'web' as the default guard.
        // 'login_guard_name' => 'admin',
        'login_guard_name' => 'web',
    
        // The main layout used for the verification views.
        // Defaults to 'layouts.app', but can be overridden via the .env file.
        'main_layout' => 'layouts.app',
    
        // The route name for logout functionality. 
        // Default value is 'false'. If a route is set here, the verification page will show a logout button. 
        // Otherwise, the logout button will be hidden.
        // 'logout_route_name' => 'admin.logout',
        'logout_route_name' => false,
    
        // The route name for a successful verification. 
        // If set to false (default), the user will be redirected to the root page after successful verification. 
        // Otherwise, it will redirect to the specified route name.
        // 'success_route_name' => 'admin.home',
        'success_route_name' => false,
    ],

    /*
    * You can pass parameters to middleware in Laravel using a format like 'authenticator:account'. 
    * Please note that whatever value you specify here will be received in your middleware. For instance, 
    * if you write 'accountsecure', your middleware should be set up to handle it as 'authenticator:accountsecure'.
    */
    'account' => [
        // Determines whether the verification process is enabled. 
        // It pulls the value from the environment file (.env), with a default value of 'true' if not set.
        'enabled' => true,
   
        // The route name for the login page. 
        // This specifies where the user will be redirected for login, with a default route 'account.login'.
        'login_route_name' => 'account.login',
    
        // The name of the guard used for login. 
        // It is pulled from the .env file with 'web' as the default guard.
        // 'login_guard_name' => 'account',
        'login_guard_name' => 'web',
    
        // The main layout used for the verification views.
        // Defaults to 'layouts.app', but can be overridden via the .env file.
        'main_layout' => 'layouts.app',
    
        // The route name for logout functionality. 
        // Default value is 'false'. If a route is set here, the verification page will show a logout button. 
        // Otherwise, the logout button will be hidden.
        // 'logout_route_name' => 'account.logout',
        'logout_route_name' => false,
    
        // The route name for a successful verification. 
        // If set to false (default), the user will be redirected to the root page after successful verification. 
        // Otherwise, it will redirect to the specified route name.
        // 'success_route_name' => 'account.home',
        'success_route_name' => false,
    ],
];
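
The note above requires every name written after 'authenticator:' to exist in config\authenticator.php. The following check is an added example, not part of the package: it scans route source for those names and reports any that have no config entry or whose entry has 'enabled' set to false. The function names, the sample routes and the 'reports' profile are constructed for illustration.

```php
<?php
// Added example, not part of nextvikas/laravel-google-authenticator.

/** Collect the names used as 'authenticator:<name>' in route source text. */
function authenticatorProfilesInRoutes(string $routesSource): array
{
    preg_match_all('/[\'"]authenticator:([A-Za-z0-9_\-]+)[\'"]/', $routesSource, $m);
    return array_values(array_unique($m[1]));
}

/** Report names that have no config entry, or whose entry is disabled. */
function auditAuthenticatorProfiles(array $config, string $routesSource): array
{
    $findings = [];
    foreach (authenticatorProfilesInRoutes($routesSource) as $name) {
        if (!isset($config[$name]) || !is_array($config[$name])) {
            $findings[] = "missing: 'authenticator:$name' has no '$name' entry in the config";
        } elseif (empty($config[$name]['enabled'])) {
            $findings[] = "disabled: verification is switched off for '$name'";
        }
    }
    return $findings;
}

// Constructed sample routes: 'acount' is a deliberate misspelling of 'account'.
$routes = <<<'ROUTES'
Route::middleware([ExampleMiddleware::class,'authenticator:admin'])->group(function () {
    Route::get('/', [AccountController::class, 'index']);
});
Route::get('/account', [AccountController::class, 'index'])->middleware('authenticator:acount');
Route::get('/reports', [AccountController::class, 'index'])->middleware('authenticator:reports');
ROUTES;

// Constructed sample config, reduced to the keys the audit reads.
$config = [
    'app_format' => 'Appname: {username}',
    'admin'      => ['enabled' => true,  'login_route_name' => 'admin.login'],
    'account'    => ['enabled' => true,  'login_route_name' => 'account.login'],
    'reports'    => ['enabled' => false, 'login_route_name' => 'admin.login'],
];

foreach (auditAuthenticatorProfiles($config, $routes) as $finding) {
    echo $finding, PHP_EOL;
}
```

In a real application, pass the array returned by the published config file and the contents of your routes file (for example routes/web.php) instead of the constructed samples.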

Modifying the view files

First, copy

1. \vendor\nextvikas\laravel-google-authenticator\resources\views\scan.blade.php to \resources\views\vendor\authenticator\scan.blade.php
2. \vendor\nextvikas\laravel-google-authenticator\resources\views\verify.blade.php to \resources\views\vendor\authenticator\verify.blade.php

Then you can modify the view files with your own code.