A simple package to generate and validate OTPs
ichtrojan/laravel-otp is a Laravel package for a simple package to generate and validate otps.
It currently has 269 GitHub stars and 380.099 downloads on Packagist (latest version v2.0.0).
Install it with composer require ichtrojan/laravel-otp.
Discover more Laravel packages by ichtrojan
or browse all Laravel packages to compare alternatives.
Last updated
This is a simple package to generate and validate OTPs (One Time Passwords). This can be implemented mostly in Authentication.
Install via composer
composer require ichtrojan/laravel-otp
Run Migrations
php artisan migrate
NOTE Response are returned as objects. You can access its attributes with the arrow operator (
->)
<?php
use Ichtrojan\Otp\Otp;
(new Otp)->generate(string $identifier, string $type, int $length = 4, int $validity = 10);
$identifier: The identity that will be tied to the OTP.$type: The type of token to be generated, supported types are numeric and alpha_numeric$length (optional | default = 4): The length of token to be generated.$validity (optional | default = 10): The validity period of the OTP in minutes.<?php
use Ichtrojan\Otp\Otp;
(new Otp)->generate('[email protected]', 'numeric', 6, 15);
This will generate a six digit OTP that will be valid for 15 minutes and the success response will be:
{
"status": true,
"token": "282581",
"message": "OTP generated"
}
<?php
use Ichtrojan\Otp\Otp;
(new Otp)->validate(string $identifier, string $token)
$identifier: The identity that is tied to the OTP.$token: The token tied to the identity.<?php
use Ichtrojan\Otp\Otp;
(new Otp)->validate('[email protected]', '282581');
On Success
{
"status": true,
"message": "OTP is valid"
}
Does not exist
{
"status": false,
"message": "OTP does not exist"
}
Not Valid*
{
"status": false,
"message": "OTP is not valid"
}
Expired
{
"status": false,
"message": "OTP Expired"
}
To verify the validity of an OTP without marking it as used, you can use the isValid method:
<?php
use Ichtrojan\Otp\Otp;
(new Otp)->isValid(string $identifier, string $token);
This will return a boolean value of the validity of the OTP.
You can delete expired tokens by running the following artisan command:
php artisan otp:clean
You can also add this artisan command to app/Console/Kernel.php to automatically clean on scheduled
<?php
protected function schedule(Schedule $schedule)
{
$schedule->command('otp:clean')->daily();
}
If you find an issue with this package or you have any suggestion please help out. I am not perfect.
