Laravel Auth

PHP MIT

Laravel Auth by GhostCompiler adds advanced authentication for Laravel with TOTP 2FA, passkeys via WebAuthn, OTP channels (email, SMS, WhatsApp), trusted devices, and tenant-aware social login.

Stars
2
Forks
0
Downloads
N/A
Open Issues
0
Files main

Repository Files

Loading file structure...
src/Http/Middleware/RequireTwoFactor.php
<?php

declare(strict_types=1);

namespace GhostCompiler\LaravelAuth\Http\Middleware;

use Closure;
use GhostCompiler\LaravelAuth\Contracts\LaravelAuthManager;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;

class RequireTwoFactor
{
    public function __construct(protected LaravelAuthManager $secureAuth) {}

    public function handle(Request $request, Closure $next): Response
    {
        if (auth()->check() && ! $this->secureAuth->isFullyAuthenticated($request->user() ?? auth()->user())) {
            $payload = ['message' => '2FA required'];
            if (config('laravel-auth.verification_url')) {
                $payload['verification_url'] = config('laravel-auth.verification_url');
            }

            return new JsonResponse($payload, 403);
        }

        return $next($request);
    }
}