README

Integrate FIDO U2F into Laravel 5.x applications. You'll need to be accessing your application from an App ID compliant domain; localhost support is finicky.

Install

composer require certly/laravel-u2f

In config/app.php, add the provider Certly\U2f\LaravelU2fServiceProvider::class to the providers array and 'U2f' => Certly\U2f\U2fServiceFacade::class to the aliases array.

Publishing

This will copy the needed resources (views, CSS, and JavaScript) to your project so you can modify them.

php artisan vendor:publish --provider="Certly\U2f\U2fServiceProvider"
php artisan migrate

You can add the following to your mix.scripts call if you're using Elixir to automatically include the needed JavaScript in your central JavaScript file.

elixir(function(mix) {
    mix.scripts([
        // ...
        'u2f/app.js',
        'u2f/u2f.js',

The included views assume there is an app view. If this isn't the case, you'll need to manually modify the views in the u2f folder (under resources/views).

Middleware

In the app/Http/Kernel.php file, add the following to $routeMiddleware. This middleware is called internally by the package, so it is important that it is present.

protected $routeMiddleware = [
    // ...
    'u2f' => Certly\U2f\Http\Middleware\U2f::class,
];

Usage

Middleware

    Route::get('admin/profile', ['middleware' => ['auth', 'u2f'], function () {
        //
    }]);

Configuration

config/u2f.php is commented and will be created when you publish the provider via the above command.

Security

Security issues can be reported via HackerOne or via email at ian@certly.io.

Credits

• Arnaud LAHAXE
• Ian Carroll

License

MIT