Home Arrow Icon Knowledge base Arrow Icon Global Arrow Icon How do I store the 2FA secret in the user's database in Laravel
    Laravel 2FA Two-Factor Authentication Google2FA Laravel Migration User Model Security


How do I store the 2FA secret in the user's database in Laravel


To store the 2FA secret in the user's database in Laravel, you can follow these steps:

Step 1: Create a Migration

1. Create a Migration: 

bash
   php artisan make:migration add_google2fa_secret_to_users

Step 2: Update the Migration

1. Update the Migration: 

php
   // database/migrations/2024_02_15_152631_add_google2fa_secret_to_users.php

   use Illuminate\Database\Schema\Blueprint;

   use Illuminate\Database\Migrations\Migration;

   class AddGoogle2faSecretToUsers extends Migration

   {

       public function up()

       {

           Schema::table('users', function ($table) {

               $table->string('google2fa_secret')->nullable();

           });

       }

       public function down()

       {

           Schema::table('users', function ($table) {

               $table->dropColumn('google2fa_secret');

           });

       }

   }

Step 3: Run the Migration

1. Run the Migration: 

bash
   php artisan migrate

Step 4: Update the User Model

1. Update the User Model: 

php
   // app/User.php

   use Illuminate\Database\Eloquent\Model;

   use Illuminate\Support\Facades\Crypt;

   class User extends Model

   {

       protected $fillable = [

           'name',

           'email',

           'password',

           'google2fa_secret',

       ];

       protected $hidden = [

           'password',

           'remember_token',

       ];

       protected $casts = [

           'email_verified_at' => 'datetime',

       ];

       public function setGoogle2faSecretAttribute($value)

       {

           $this->attributes['google2fa_secret'] = Crypt::encrypt($value);

       }

       public function getGoogle2faSecretAttribute()

       {

           return Crypt::decrypt($this->attributes['google2fa_secret']);

       }

   }

Step 5: Generate the Secret Key

1. Generate the Secret Key: 

php
   // Google2FAController.php

   public function enableTwoFactor(Request $request)

   {

       $secret = $this->generateSecret();

       $user = $request->user();

       $user->google2fa_secret = Crypt::encrypt($secret);

       $user->save();

       // Generate QR code for the user

       $imageDataUri = Google2FA::getQRCodeInline(

           $request->getHttpHost(),

           $user->email,

           $secret,

           200

       );

       return view('2fa/enableTwoFactor', ['image' => $imageDataUri, 'secret' => $secret]);

   }

   private function generateSecret()

   {

       $randomBytes = random_bytes(10);

       return Base32::encodeUpper($randomBytes);

   }

By following these steps, you can store the 2FA secret in the user's database in Laravel.

Citations:
[1] https://www.sitepoint.com/2fa-in-laravel-with-google-authenticator-get-secure/
[2] https://github.com/emargareten/two-factor-laravel
[3] https://engineering.teknasyon.com/two-factor-authentication-in-laravel-applications-dbee2c8eab98?gi=11addb431efd
[4] https://www.itsolutionstuff.com/post/laravel-google-2fa-authentication-tutorial-exampleexample.html
[5] https://www.twilio.com/en-us/blog/integrate-two-factor-authentication-laravel-application-laravel-breeze