Add two factor authentication to new and existing Filament applications.
Filament Two-Factor Authentication Demo — Filament Daily
Below, you'll find documentation on installing this plugin. If you have any questions, find a bug, need support, or have a feature request, please don't hesitate to reach out to me at [email protected].
You can install the package via composer:
composer require stephenjude/filament-two-factor-authentication
Install the plugin migration using:
php artisan filament-two-factor-authentication:install
Optionally, you can publish the views using
php artisan vendor:publish --tag="filament-two-factor-authentication-views"
First, ensure that your application's authenticatio model uses the TwoFactorAuthenticatable
trait:
namespace App\Models;
...
use Stephenjude\FilamentTwoFactorAuthentication\TwoFactorAuthenticatable;
class User extends Authenticatable implements FilamentUser
{
...
use TwoFactorAuthenticatable;
Add two factor authentication plugin to a panel by instantiating the plugin class and passing it to the plugin() method of the configuration:
...
use Stephenjude\FilamentTwoFactorAuthentication\TwoFactorAuthenticationPlugin;
public function panel(Panel $panel): Panel
{
return $panel
->plugins([
TwoFactorAuthenticationPlugin::make()
->addTwoFactorMenuItem() // Add 2FA settings to user menu items
->enforceTwoFactorSetup() // Enforce 2FA setup for all users
])
}
...
If your application already has a user profile page, you can add a 2FA settings to your profile page view:
<x-filament-panels::page>
@livewire(\Stephenjude\FilamentTwoFactorAuthentication\Livewire\TwoFactorAuthentication::class)
</x-filament-panels::page>
This package dispatches events which your application can subscribe to. You can listen to these events inside your EventServiceProvider class:
use Stephenjude\FilamentTwoFactorAuthentication\Events\{RecoveryCodeReplaced,RecoveryCodesGenerated,TwoFactorAuthenticationChallenged,TwoFactorAuthenticationConfirmed,TwoFactorAuthenticationDisabled,TwoFactorAuthenticationEnabled,TwoFactorAuthenticationFailed,ValidTwoFactorAuthenticationCodeProvided};
protected $listen = [
TwoFactorAuthenticationChallenged::class => [
// Dispatched when a user is required to enter 2FA code during login.
],
TwoFactorAuthenticationFailed::class => [
// Dispatched when a user provides incorrect 2FA code or recovery code during login.
],
ValidTwoFactorAuthenticationCodeProvided::class => [
// Dispatched when a user provides a valid 2FA code during login.
]
TwoFactorAuthenticationConfirmed::class => [
// Dispatched when a user confirms code during 2FA setup.
],
TwoFactorAuthenticationEnabled::class => [
// Dispatched when a user enables 2FA.
],
TwoFactorAuthenticationDisabled::class => [
// Dispatched when a user disables 2FA.
],
RecoveryCodeReplaced::class => [
// Dispatched after a user's recovery code is replaced.
],
RecoveryCodesGenerated::class => [
// Dispatched after a user's recovery codes are generated.
],
];
composer test
Please see CHANGELOG for more information on what has changed recently.
Please see CONTRIBUTING for details.
Please review our security policy on how to report security vulnerabilities.
The MIT License (MIT). Please see License File for more information.