2Hats . 3 minutes
November 1, 2023

How to setup Two-Factor Authentication in Laravel

We talk about how to implement Dual or 2factor authentication in Laravel using username and password followed by email. This is purely for programmers. First, the user enters his/her email address and password, after validating that, a token is generated which then gets sent to his email address. The user can log in only by using this token in the next step.

Laravel ships with a default authentication method for login. But here we cannot depend on the default authentication method. Let’s look at it in more detail.

First, we are going to define the action from login in routes.

When the submit button from the login screen is clicked, the action goes to the authenticate function in LoginController which we are going to define.
Run the following command to create the LoginController.

Now we are going to define our function

The function first validates for proper email and password fields.

Then you can find the following line.

At the top of the page, you should call the user model

The authenticate is a function that should be defined in the User model

The function checks whether the email address exists in the user table

Now going to the authenticate function in our LoginController, the $auth variable now will have the user details.

Now we can check the following line.

Here it checks if the $auth is not empty and the password matches the one for the user.

You should call the Hash facade on top of the page.

You should add the email_token field to the user migration.

Here we update the field email_token in our users’ table with a random token generated using the bin2hex(openssl_random_pseudo_bytes(4)) function.

openssl_random_pseudo_bytes($length) function generates a string of pseudo-random bytes, with the number of bytes determined by the length parameter.

The bin2hex($string) function converts a string of ASCII characters to hexadecimal values.

The above function generates an 8 digit code.

Now let’s send this code to the user’s email using

You should call

on top of the page.

For this, to work we should create an AuthenticateUser class for notification

Run the following command to create this class

Now we should have a class AuthenticateUser with some functions already created inside it.

Inside the function toMail($notifiable) which will be already there

Update to the following

You can customize the above to generate the email in the way you want. Now coming to our LoginController authenticate function, after sending the email token the function will return to a view to enter the email token.

You can have a text box and a submit button to a form in the view, with action to the following route which we should define in routes file.

Now let’s define the emailVerify function

Setup Now

In this function, we check whether the email_token is valid and on success, login using the Auth::login($user) function.

You should call ‘use Auth;’ facade on top of the page. You have now successfully created dual authentication using email. Our  Laravel Development Services adopt these ways to get it done easily or you can hire Laravel developer to get expert solutions.

blog
Greetings! I'm Aneesh Sreedharan, CEO of 2Hats Logic Solutions. At 2Hats Logic Solutions, we are dedicated to providing technical expertise and resolving your concerns in the world of technology. Our blog page serves as a resource where we share insights and experiences, offering valuable perspectives on your queries.
Aneesh ceo
Aneesh Sreedharan
Founder & CEO, 2Hats Logic Solutions
Subscribe to our Newsletter
Aneesh ceo

    Stay In The Loop!

    Subscribe to our newsletter and learn about the latest digital trends.