Two-factor Authentication

With Laravel and Google Authenticator

Allan Denot

How it works

adenot@gmail.com

Login

**************

Submit

461785

Login

Submit

Two-factor Enabled

How it works

MyApp

adenot@gmail.com

Secret key is randomly generated

QR code is generated from secret key and

other info

User scans QR code using Google Authenticator

It starts generating time based codes or

tokens

Enabling two-factor

372631

7JASV4C4F74ZLAR6

How it worksVerifying code

372631

Login

Submit

Two-factor Enabled

+ = 372631 ?

372631

7JASV4C4F74ZLAR6

Implementation and Demo

Installing

composer require pragmarx/google2fa

More information at: https://github.com/antonioribeiro/google2fa

Routes// Generates secret key and QR image

Route::get('user/twoFactor/secret', 'UserController@twoFactorSecret');

// Enables two-factor at user profile

Route::get('user/twoFactor/enable', 'UserController@twoFactorEnable'); // code, secret

// Verify a two-factor code

Route::get('user/twoFactor/verify', 'UserController@twoFactorVerify'); // code

{"two_factor_secret": "3UYJJUQO6O72SJJW","two_factor_qr": "https://chart.googleapis.com/chart?

chs=200x200&chld=M|0&cht=qr&chl=otpauth%3A%2F%2Ftotp%2FSpikeNode%3Aadenot%40gmail.com%3Fsecret%3D7JASV4C4F74ZLAR6%26issuer%3DSpikeNode"}

Generating Secret and QR/api/user/twoFactor/secret

Enabling two-factor

/api/user/twoFactor/enable?secret=3UYJJUQO6O72SJJW&code=733005

Verifying

/api/user/twoFactor/verify?code=733005

Verify window// Default window is 4$valid = Google2FA::verifyKey($secret, $code);

// Setting to 0$valid = Google2FA::verifyKey($secret, $code, 0);

Alternatives

Auth as a service

https://www.authy.com/

https://auth0.com/

References

Google2FA: https://github.com/antonioribeiro/google2faAuthy: https://www.authy.com/Auth0: https://auth0.com/

allandenot.comadenot@gmail.com