Two-factor authentication
Two-factor authentication provides your users with additional account security, requiring them to provide a token at login time in addition to their username and password.
Laravel Orchid - what is it?
This is a package for building administration-style applications using the Laravel framework. It is most often used to build back-office applications, admin panels, and content management systems. You can see the differences from Nova, Voyager, BackPack, QuickAdminPanel on the description page
Configuring
By default, the TOTP algorithm is used as the two-factor authentication provider. To enable it, you need to call a static method in the service provider:
namespace App\Providers;
use Illuminate\Support\ServiceProvider;
use Orchid\Support\Facades\Dashboard;
class AppServiceProvider extends ServiceProvider
{
public function boot()
{
Dashboard::useTwoFactorAuth();
}
}
Now the login form adds a token validation for the accounts upon authorization.
Now let's go to the profile page:
In the settings, select the "Two Factor Authentication" item, a modal window opens:
At this stage, we need an application that supports TOTP, for example, Google Authenticator (Available on iOS and Android)
Scan the offered QR code or manually enter the TOTP code.
The app now generates short temporary codes:
To enable, it remains only to enter the code from the phone into the modal window.
Now, when entering the panel, a temporary code will be requested:
That's all. This way we made our application safer. Even if someone receives a login and password for an account, they will also need physical access to your phone to enter the time code.
Top comments (1)
Hi Alex,
I added the line - Dashboard::useTwoFactorAuth();
My browser shows that the useTwoFactoAuth method does not exist. Do I need to install any package? Thanks
Steve