stephenjude / filament-two-factor-authentication
Filament Two Factor Authentication: Google 2FA + Passkey Authentication
Fund package maintenance!
stephenjude
Installs: 21 790
Dependents: 1
Suggesters: 0
Security: 0
Stars: 59
Watchers: 3
Forks: 21
Open Issues: 2
Requires
- php: ^8.1
- bacon/bacon-qr-code: ^3.0
- filament/filament: ^3.0
- pragmarx/google2fa: ^8.0
- spatie/laravel-package-tools: ^1.15.0
- spatie/laravel-passkeys: ^1.0
Requires (Dev)
- laravel/pint: ^1.0
- nunomaduro/collision: ^7.9|^8.0
- orchestra/testbench: ^8.0|^9.0|^10.0
- pestphp/pest: ^2.1|^3.0
- pestphp/pest-plugin-arch: ^2.0|^3.0
- pestphp/pest-plugin-laravel: ^2.0|^3.0
- pestphp/pest-plugin-livewire: ^2.1|^3.0
This package is auto-updated.
Last update: 2025-05-28 10:44:20 UTC
README
Filament Two Factor Authentication (2FA)
Add two-factor authentication to new and existing Filament applications.
Learn More
Filament Two-Factor Authentication Demo — Filament Daily
Installation
Below, you'll find documentation on installing this plugin. If you have any questions, find a bug, need support, or have a feature request, please don't hesitate to reach out to me at stephenjudesuccess@gmail.com.
You can install the package via composer:
composer require stephenjude/filament-two-factor-authentication
Add the TwoFactorAuthenticatable
trait to your application's authentication model and implement the HasPasskeys
trait:
namespace App\Models; use Spatie\LaravelPasskeys\Models\Concerns\HasPasskeys; use Stephenjude\FilamentTwoFactorAuthentication\TwoFactorAuthenticatable; //... class User extends Authenticatable implements FilamentUser, HasPasskeys { use TwoFactorAuthenticatable; //...
⚠️ Passkey implementation is using the spatie/laravel-passkeys package under the hood.
Install the plugin migration using:
php artisan filament-two-factor-authentication:install
Optionally, you can publish the views using
php artisan vendor:publish --tag="filament-two-factor-authentication-views"
Plugin Configuration
Add two-factor authentication plugin to a panel by instantiating the plugin class and passing it to the plugin() method of the configuration:
... use Stephenjude\FilamentTwoFactorAuthentication\TwoFactorAuthenticationPlugin; public function panel(Panel $panel): Panel { return $panel ->plugins([ TwoFactorAuthenticationPlugin::make() ->enableTwoFactorAuthentication() // Enable Google 2FA ->enablePasskeyAuthentication() // Enable Passkey ->addTwoFactorMenuItem() // Add 2FA menu item ->forceTwoFactorSetup() // Force 2FA setup ]) } ...
Advanced Configurations
use Stephenjude\FilamentTwoFactorAuthentication\TwoFactorAuthenticationPlugin; use Stephenjude\FilamentTwoFactorAuthentication\Middleware\ForceTwoFactorSetup; use Stephenjude\FilamentTwoFactorAuthentication\Middleware\TwoFactorChallenge; TwoFactorAuthenticationPlugin::make() ->enableTwoFactorAuthentication( condition: true, // Enable Google 2FA challengeMiddleware: TwoFactorChallenge::class, // Middleware to challenge user with 2FA ) ->enablePasskeyAuthentication( condition: true, // Enable Passkey ) ->forceTwoFactorSetup( condition: true, // Force 2FA setup for all users requiresPassword: true, // Require password during setup forceMiddleware: ForceTwoFactorSetup::class, // Middleware to enforce 2FA ) ->addTwoFactorMenuItem( condition: true, // Show 2FA on the user menu item label: '2FA', // Menu item label icon: 'heroicon-s-key', // Menu item icon ) ])
Custom Settings Page
If your application already has a user profile page, you can add a 2FA settings to your profile page view:
<x-filament-panels::page> @livewire(\Stephenjude\FilamentTwoFactorAuthentication\Livewire\TwoFactorAuthentication::class) @livewire(\Stephenjude\FilamentTwoFactorAuthentication\Livewire\PasskeyAuthentication::class) </x-filament-panels::page>
Events
This package dispatches events which your application can subscribe to. You can listen to these events inside your EventServiceProvider class:
use Stephenjude\FilamentTwoFactorAuthentication\Events\{RecoveryCodeReplaced,RecoveryCodesGenerated,TwoFactorAuthenticationChallenged,TwoFactorAuthenticationConfirmed,TwoFactorAuthenticationDisabled,TwoFactorAuthenticationEnabled,TwoFactorAuthenticationFailed,ValidTwoFactorAuthenticationCodeProvided}; protected $listen = [ TwoFactorAuthenticationChallenged::class => [ // Dispatched when a user is required to enter 2FA code during login. ], TwoFactorAuthenticationFailed::class => [ // Dispatched when a user provides incorrect 2FA code or recovery code during login. ], ValidTwoFactorAuthenticationCodeProvided::class => [ // Dispatched when a user provides a valid 2FA code during login. ] TwoFactorAuthenticationConfirmed::class => [ // Dispatched when a user confirms code during 2FA setup. ], TwoFactorAuthenticationEnabled::class => [ // Dispatched when a user enables 2FA. ], TwoFactorAuthenticationDisabled::class => [ // Dispatched when a user disables 2FA. ], RecoveryCodeReplaced::class => [ // Dispatched after a user's recovery code is replaced. ], RecoveryCodesGenerated::class => [ // Dispatched after a user's recovery codes are generated. ], ];
Screenshot
2FA Authentication
2FA Recovery
2FA Disabled
2FA Setup
2FA Enabled (Recovery Codes)
Testing
composer test
Changelog
Please see CHANGELOG for more information on what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security Vulnerabilities
Please review our security policy on how to report security vulnerabilities.
Credits
License
The MIT License (MIT). Please see License File for more information.