
I'm looking at implementing two-factor authentication for one of my projects. I've seen: https://github.com/bitbeans/Yubikey
https://github.com/antonioribeiro/google2fa
https://github.com/lahaxearnaud/laravel-u2f

And I want to leave the choice up to my users, on which and how many methods of authentication will be required. As such I know I'm looking at coding something special to achieve this but I'm not sure where to start.

My goal is to enable users to not use any additional authentication methods or allow them to use all additional authentication methods available. Ideally the login form would only require username/password; upon entering correct credentials the user would be directed to a new page for every authentication method the user has chosen to use.

laravel-u2f uses middleware, which I'm not against doing, but it seems like too much extra logic to process for every request instead of just when logging the user in.

I've thought about replacing the default Auth driver but I'm not sure that's the best thing to do.

My final thought, and what I'm leaning towards, is listening for the "auth.attempt" event and using that to check what additional authentication needs to be done. But I'm not sure of the best way to go about getting the additional authentication information from that.

So the reason I'm posting is that I'm looking for input on the best way to achieve what I'm looking for.

Robby Cornelissen
Will G
  • I should have made note that those are the three main additional authentication methods I want to provide (U2F, YubiKey, Google Authenticator), but I want to easily be able to add others in the future. – Will G Jun 28 '15 at 22:07

1 Answer

You could place a value, e.g. full_authenticated, in the session

Session::put('full_authenticated', false); // store a real boolean: the string 'false' is truthy in PHP

and use it in the existing authentication middleware. This way you cut the logic in the middleware section to one comparison.

If you want to add more authentication methods later, you should implement an interface/contract for a general authentication method. Then you write an authentication manager class which sets full_authenticated in the session and handles the different methods for the different users.

TecBeast
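One way to put the answer's three pieces together (a contract per factor, a manager that owns the session flag, and a middleware that does a single comparison per request), as an added example that is not code from the question, the answer or any of the linked packages. Class, route and session-key names are assumptions, the individual factor implementations are omitted, and begin() must run on every successful password login so a flag from an earlier session cannot carry over.

```php
<?php
// Added example, not from the question or answer; class, route and session-key names are assumed.
interface SecondFactor
{
    public function enabledFor($user);    // did this user opt in to this factor?
    public function challengeRoute();     // named route that renders its challenge page
}

class SecondFactorManager
{
    private $factors;                     // ['totp' => SecondFactor, 'u2f' => ..., 'yubikey' => ...]
    public function __construct(array $factors) { $this->factors = $factors; }

    // Run once after the password check succeeds: record what this user still owes.
    public function begin($user, $session)
    {
        $pending = [];
        foreach ($this->factors as $key => $factor) {
            if ($factor->enabledFor($user)) { $pending[] = $key; }
        }
        $session->put('pending_factors', $pending);
        $session->put('full_authenticated', empty($pending));   // boolean, not the string 'false'
    }

    // Called by a factor's controller only after it verified the response server-side.
    public function complete($key, $session)
    {
        $pending = array_values(array_diff($session->get('pending_factors', []), [$key]));
        $session->put('pending_factors', $pending);
        $session->put('full_authenticated', empty($pending));
    }

    public function nextRoute($session)
    {
        $key = $session->get('pending_factors', [])[0];
        return $this->factors[$key]->challengeRoute();
    }
}

class EnsureFullyAuthenticated            // register after 'auth' in the middleware stack
{
    private $manager;
    public function __construct(SecondFactorManager $manager) { $this->manager = $manager; }

    public function handle($request, \Closure $next)
    {
        $session = $request->session();
        // One comparison per request; the challenge pages must stay reachable or we redirect forever.
        if ($request->user() && !$session->get('full_authenticated', false) && !$request->is('2fa/*')) {
            return redirect()->route($this->manager->nextRoute($session));
        }
        return $next($request);
    }
}
```

Because the flag only flips to true once pending_factors is empty, a user who skipped a challenge page is still redirected on the next request, and a user with no factors enabled passes straight through after the password check.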