Laravel 2FA Documentation

Complete guide to implementing and using the Laravel 2FA authentication system

Getting Started

Step-by-step tutorial for new developers

API Reference

Complete API documentation and examples

Features

Explore all available features

Features Overview

TOTP Authentication

Time-based One-Time Password (TOTP) implementation compatible with Google Authenticator, Authy, and other TOTP apps.

  • • 6-digit codes with 30-second intervals
  • • ±1 time step validation window
  • • HMAC-SHA1 algorithm

AES-256-CBC Encryption

Custom encryption for TOTP secrets using AES-256-CBC with separate encryption keys stored in environment variables.

  • • AES-256-CBC encryption
  • • Base64 encoding
  • • Separate key and IV storage

QR Code Generation

Automatic QR code generation for easy setup with authenticator apps using the endroid/qr-code library.

  • • High error correction
  • • Customizable size
  • • Base64 PNG output

Laravel Sanctum

Full integration with Laravel Sanctum for API token authentication and session management.

  • • API token authentication
  • • Session-based auth
  • • Middleware protection

Liquid Glass UI

Beautiful, modern interface with glass morphism effects, animations, and responsive design.

  • • Glass morphism effects
  • • Responsive design
  • • Smooth animations

Security Features

Comprehensive security measures including middleware protection and secure session handling.

  • • 2FA middleware
  • • Session verification
  • • Secure token handling

System Architecture

Backend Components

TOTPService

Handles TOTP generation and validation

CustomEncryptor

AES-256-CBC encryption for secrets

QRCodeService

QR code generation for setup

Middleware

2FA verification enforcement

Frontend Components

Liquid Glass UI

Modern glass morphism design

Responsive Design

Mobile-first approach

Alpine.js

Interactive components

Tailwind CSS

Utility-first styling

Quick Start

For Users

  1. 1 Login to your account
  2. 2 Navigate to 2FA Settings
  3. 3 Scan QR code with authenticator app
  4. 4 Enter 6-digit code to confirm

For Developers

  1. 1 Clone the repository
  2. 2 Configure environment variables
  3. 3 Run migrations and seeders
  4. 4 Start the development server
Start Tutorial