MrMooky

Implementing Two-Factor-Authentication

I'm aware that there are many packages out there that "support" 2FA for Laravel. But some of them are outdated, seem insecure or are only available for Google Authenticator.

Via Medium I found the package Laraguard and was excited to implement it, as it seems to do exactly what I wanted. But it seems insecure, as my password was visible in plain text while logging in. Plus, when trying with Authy, some strange name appeared as my logo.

I wanted to give Authy a try, but it is outdated and I cannot install it with my current Laravel 8 project. There is a PR since late last year, but the project seems abandoned.

What are your recommendations? Btw, I'm using Laravel Breeze.

0 likes
2 replies
devingray_

Laravel Fortify comes with 2FA out of the box, I think you can look into the package src and see how they did it? I think it is a combination of

"bacon/bacon-qr-code": "^2.0",
"pragmarx/google2fa": "^7.0|^8.0"
MrMooky

I checked out Fortify but did not want to rebuild the logic. So I installed Fortify along with the existing Breeze setup I had when I originally started the project. Everything is working fine so far, QR code is generated, recovery codes are generated, I can enable and disable 2FA.

But when I enable 2FA, then log out and log in again, there is no 2FA challenge. It's probably due to the fact that Breeze was installed before. But how can I enable the 2FA challenge with both Breeze and Fortify?

So my login route currently uses App\Http\Controllers\Auth\AuthenticatedSessionController@create, but should probably use the Fortify route. How can I change that?

Update: Got it. Just had to remove the login routes from my auth.php

1 like
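
The fix from the update above, sketched as an added example (not code posted in the thread, and not Breeze's or Fortify's own files). It assumes the stock Breeze login routes in routes/auth.php; the view names `auth.login` and `auth.two-factor-challenge` are assumptions for illustration.

```php
<?php
// ---- routes/auth.php (installed by Breeze) ----
use App\Http\Controllers\Auth\AuthenticatedSessionController;
use Illuminate\Support\Facades\Route;

// BEFORE: Breeze's controller handles the login POST and signs the user in
// as soon as the password check passes, so Fortify's two-factor step never
// runs even though 2FA is enabled on the account.
//
// Route::get('/login', [AuthenticatedSessionController::class, 'create'])
//     ->middleware('guest')->name('login');
// Route::post('/login', [AuthenticatedSessionController::class, 'store'])
//     ->middleware('guest');

// AFTER: both login routes are removed. Fortify registers its own
// GET/POST /login, and its POST handler sends users who have 2FA enabled
// to /two-factor-challenge before the session is authenticated.
// The other Breeze routes in this file are left unchanged.

// ---- app/Providers/FortifyServiceProvider.php, inside boot() ----
// Fortify ships no views, so point it at the ones to render.
// (View names below are assumed, not taken from the thread.)
//
// use Laravel\Fortify\Fortify;
//
// Fortify::loginView(function () {
//     return view('auth.login');
// });
// Fortify::twoFactorChallengeView(function () {
//     return view('auth.two-factor-challenge');
// });

// ---- config/fortify.php ----
// 'features' must include Features::twoFactorAuthentication().

// ---- Check ----
// Run `php artisan route:list` and confirm that POST login is handled by
// Laravel\Fortify\Http\Controllers\AuthenticatedSessionController@store,
// not App\Http\Controllers\Auth\AuthenticatedSessionController@store.
// Then log in with a 2FA-enabled account and confirm the challenge appears.
```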
