

Can I use Authy instead of Google Authenticator in Laravel Fortify


Yes, you can use Authy instead of Google Authenticator with Laravel Fortify for two-factor authentication (2FA). Here's how you can integrate Authy with Fortify:

1. Install the Authy package:

```bash
composer require authy/php
```

2. Implement the `TwoFactorAuthenticatable` trait in your `User` model:

```php
use Illuminate\Foundation\Auth\User as Authenticatable;
use Laravel\Fortify\TwoFactorAuthenticatable;

class User extends Authenticatable
{
    use TwoFactorAuthenticatable;

    /**
     * Get the user's Authy secret.
     *
     * @return string
     */
    public function getAuthySecretKey()
    {
        return $this->two_factor_secret;
    }

    /**
     * Set the user's Authy secret.
     *
     * @param  string  $secret
     * @return void
     */
    public function setAuthySecretKey($secret)
    {
        $this->two_factor_secret = $secret;
    }
}
```

3. Configure the Authy API client in your `FortifyServiceProvider`:

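```php
use Authy\AuthyApi;
use Illuminate\Support\ServiceProvider;
use Laravel\Fortify\Fortify;

class FortifyServiceProvider extends ServiceProvider
{
    public function boot()
    {
        // Caveat: the Fortify documentation lists twoFactorChallengeView() but no
        // twoFactorAuthentication() hook; check your installed version.
        Fortify::twoFactorAuthentication(function ($request, $user) {
            // The API key is read from config/services.php, not hard-coded.
            $authyApi = new AuthyApi(config('services.authy.api_key'));

            if ($user->two_factor_secret) {
                // verifyToken() takes the user's Authy ID first, then the submitted code.
                $isValid = $authyApi->verifyToken($user->getAuthySecretKey(), $request->input('code'));

                if ($isValid->ok()) {
                    return true;
                }
            }

            // Fail closed: no stored secret or a rejected code means no login.
            return false;
        });

        Fortify::twoFactorChallengeView(function () {
            return view('auth.two-factor-challenge');
        });
    }
}
```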

In this example, the `twoFactorAuthentication` method uses the Authy API client to verify the TOTP code entered by the user. The `twoFactorChallengeView` method specifies the view that should be displayed when the user needs to enter the TOTP code.

4. Implement the two-factor authentication management UI:

Create a view where users can enable or disable two-factor authentication using Authy. This view should make a POST request to the `/user/two-factor-authentication` endpoint to toggle the 2FA setting.

```html
<form method="POST" action="/user/two-factor-authentication">
    @csrf

    @if (auth()->user()->two_factor_secret)
        {{-- Fortify disables 2FA on DELETE; @method spoofs it over this POST form --}}
        @method('DELETE')
        <button type="submit" name="disable" class="btn btn-danger">
            Disable Two-Factor Authentication
        </button>
    @else
        <button type="submit" name="enable" class="btn btn-success">
            Enable Two-Factor Authentication
        </button>
    @endif
</form>
```

By following these steps, you can integrate Authy with Laravel Fortify for two-factor authentication in your application. This allows users to use the Authy app instead of Google Authenticator to generate TOTP codes.
