OTP Validate Package in Laravel

This package is for easy setup for OTP validation process. No hassle, just plug and play. Following the steps mentioned below and you will be able to get a fully working OTP Validation system. You can use this later for authentication or e-commerce production selling, order confirmation.

Major change from version v2.0.1

Only Supports 7.4 and above & 8.0 and above, so any PHP versions below users will need to upgrade to use the latest version onwards.

• PHP version 7.4 and above
• PHP version 8.0 and above

If you are using PHP 7.4 below, please use version v1.4.0.

Installation

Install Package

Require this package with composer:

composer require ferdous/laravel-otp-validate

Add Service Provider & Facade

For Laravel 5.5+

Once the package is added, the service provider and facade will be auto discovered.

For Older versions of Laravel

Add the ServiceProvider to the providers array in config/app.php:

Ferdous\OtpValidator\OtpValidatorServiceProvider::class

Add the Facade to the aliases array in config/app.php:

'OtpValidator' => Ferdous\OtpValidator\OtpValidatorServiceProvider::class

Publish Config

Once done, publish the config to your config folder using:

php artisan vendor:publish --provider="Ferdous\OtpValidator\OtpValidatorServiceProvider"

This command will create a config/otp.php file.

Email Configs

From the .env file the email configs are setup. No other changes required.

See the otp.php file for optional customizations such as the ability to specify a custom Mailable class.

SMS Configs

As the SMS Gateways use different methods and also extra headers and params, you may need to update the sms configs in the otp.php file.

Migrate Database

Run the following command to create the otps table.

php artisan migrate

It will create a otps table with the required columns.

Environment

Add the following Key-Value pair to the .env file in the Laravel application

# Basic OTP Configs
OTP_SERVICE='enabled'
OTP_TABLE_NAME='otps'
OTP_TIMEOUT=120
OTP_DIGIT=5
OTP_RESEND_SERVICE='enabled'
OTP_MAX_RETRY=2
OTP_MAX_RESEND=1
# Company and Service
OTP_SERVICE_NAME=
OTP_COMPANY_NAME=
# OTP via Email / SMS
OTP_SEND_BY_EMAIL=1
OTP_SEND_BY_SMS=1
# Email Configurations
OTP_EMAIL_FROM=
OTP_EMAIL_FROM_NAME=
OTP_EMAIL_SUBJECT=
# SMS Configurations
OTP_SMSC_URL='https://sms'
OTP_SMSC_METHOD=
OTP_COUNTRY_CODE=
OTP_SMSC_OVER_JSON=
OTP_SMSC_PARAM_TO_NAME=
OTP_SMSC_PARAM_MSG_NAME=
OTP_SMSC_USER=
OTP_SMSC_PASS=
AWS_SNS_VERSION=
AWS_SNS_KEY=
AWS_SNS_SECRET=
AWS_SNS_REGION=

Definitions

Definition of the features in config are:

• service : enable/disable OTP Service
• timeout: timeout for OTP
• digit: OTP Digit
• resend-service: enable/disable resend Service
• max-retry: max retry for a single request
• max-resend: max resend for a single request
• service-name: for which the service is used
• company-name: for which company
• send-by: there are 3 ways to share otp (Email/SMS/AWS SNS)
• email: this key specifies the required information for email (e.g. from, name, subject etc.)
• sms: configure with SMS gateway to send SMS. (Universal Configurator)

Defining Send By on Runtime

The config method can be used to set send-by [ SMS / Email / SNS ] at runtime.

config('otp.send-by.email', 1);
config('otp.send-by.sms', 0);

OTP Request Templates

Once the template files are published, open resources/views/vendor/template-otp/

Sample Controller

Run the following command to create a controller.

php artisan make:controller OtpController

Below is a sample for calling the OTP Validator in OtpController.

namespace App\Http\Controllers;

use Ferdous\OtpValidator\Object\OtpRequestObject;
use Ferdous\OtpValidator\OtpValidator;
use Ferdous\OtpValidator\Object\OtpValidateRequestObject;

class OtpController extends Controller
{
    /**
     * @return array
     */
    public function requestForOtp()
    {
        return OtpValidator::requestOtp(
            new OtpRequestObject('1432', 'buy-shirt', '01711084714', 'ferdousul.haque@gmail.com')
        );
    }

    /**
     * @param Request $request
     * @return array
     */
    public function validateOtp(Request $request)
    {
        $uniqId = $request->input('uniqueId');
        $otp = $request->input('otp');
        return OtpValidator::validateOtp(
            new OtpValidateRequestObject($uniqId,$otp)
        );
    }

    /**
     * @param Request $request
     * @return array
     */
    public function resendOtp(Request $request)
    {
        $uniqueId = $request->input('uniqueId');
        return OtpValidator::resendOtp($uniqueId);
    }

}

Add the following to the routes/web.php file.

Route::get('/test/otp-request', [\App\Http\Controllers\OtpController::class, 'requestForOtp']);
Route::get('/test/otp-validate', [\App\Http\Controllers\OtpController::class, 'validateOtp']);
Route::get('/test/otp-resend', [\App\Http\Controllers\OtpController::class, 'resendOtp']);

Response/Error Descriptions

The below table describes the error codes generated in the response and their corresponding meanings.

{
  "code": 201,
  "message": "OTP Sent to the recipient",
  "requestId": 1432,
  "type": "buy-shirt"
}

Request OTP Response Codes

OTP Validate Response Codes

License

MIT

Special Thanks

• Nahid Bin Azhar For the Feedback.

Support

• For any bugs, please help to create an issue.
• For any problem installing or configurations, feel free to knock me. ferdousul.haque@gmail.com

Featured Article

• How to create a laravel OTP/Security code verification for e-commerce website

Example SMS Gateways Configuration

Muthofun

If you are trying to integrate one of most popular SMS gateway of Bangladesh, muthofun is a popular Bulk SMS Gateway in our country. Here is a sample configuration for the Muthofun SMS Gateway

'smsc' => [
    'url' => env('OTP_SMSC_URL'),
    'method' => env('OTP_SMSC_METHOD', 'GET'),
    'add_code' => env('OTP_COUNTRY_CODE',null),
    'json' => env('OTP_SMSC_OVER_JSON',1),
    'headers' => [],
    'params' => [
        'send_to_param_name' => env('OTP_SMSC_PARAM_TO_NAME','number'),
        'msg_param_name' => env('OTP_SMSC_PARAM_MSG_NAME','msg'),
        'others' => [
            'user' => env('OTP_SMSC_USER'),
            'password' => env('OTP_SMSC_PASS'),
            'unicode' => 1
        ],
    ]
];

.env file will be as the following

OTP_SMSC_URL='http://clients.muthofun.com:8901/esmsgw/sendsms.jsp?'
OTP_SMSC_METHOD='GET'
OTP_COUNTRY_CODE='88'
OTP_SMSC_OVER_JSON=0
OTP_SMSC_PARAM_TO_NAME='mobiles'
OTP_SMSC_PARAM_MSG_NAME='sms'
OTP_SMSC_USER='YourUserName'
OTP_SMSC_PASS='YourPassWord'

Infobip

Example for integrating with the infobip SMS platform, renowned SMS Gateway.

using GET method

'smsc' => [
    'url' => env('OTP_SMSC_URL'),
    'method' => env('OTP_SMSC_METHOD', 'GET'),
    'add_code' => env('OTP_COUNTRY_CODE',null),
    'json' => env('OTP_SMSC_OVER_JSON',1),
    'headers' => [],
    'params' => [
        'send_to_param_name' => env('OTP_SMSC_PARAM_TO_NAME','number'),
        'msg_param_name' => env('OTP_SMSC_PARAM_MSG_NAME','msg'),
        'others' => [
            'username' => env('OTP_SMSC_USER'),
            'password' => env('OTP_SMSC_PASS'),
            'from' => 'InfoSMS',
            'flash' => true
        ],
    ]
];

.env file will be as the following

OTP_SMSC_URL='https://{baseUrl}/sms/1/text/query?'
OTP_SMSC_METHOD='GET'
OTP_COUNTRY_CODE='88'
OTP_SMSC_OVER_JSON=0
OTP_SMSC_PARAM_TO_NAME='to'
OTP_SMSC_PARAM_MSG_NAME='text'
OTP_SMSC_USER='YourUserName'
OTP_SMSC_PASS='YourPassWord'

msg91

Sample for integrating with the msg91 SMS gateway.

using GET method

'smsc' => [
        'url' => env('OTP_SMSC_URL'),
        'method' => env('OTP_SMSC_METHOD', 'GET'),
        'add_code' => env('OTP_COUNTRY_CODE',null),
        'json' => env('OTP_SMSC_OVER_JSON',1),
        'headers' => [],
        'params' => [
            'send_to_param_name' => env('OTP_SMSC_PARAM_TO_NAME','number'),
            'msg_param_name' => env('OTP_SMSC_PARAM_MSG_NAME','msg'),
            'others' => [
                'authkey' => 'YourAuthKey',
                'sender' => 'YourSenderId',
                'route' => '1',
                'country' => '88',
            ],
        ],
        'wrapper' => 'sms',
    ];

.env file will be as the following

OTP_SMSC_URL='https://control.msg91.com/api/v2/sendsms?'
OTP_SMSC_METHOD='POST'
OTP_COUNTRY_CODE='88'
OTP_SMSC_OVER_JSON=1
OTP_SMSC_PARAM_TO_NAME='to'
OTP_SMSC_PARAM_MSG_NAME='text'
OTP_SMSC_USER='YourUserName'
OTP_SMSC_PASS='YourPassWord'

Using AWS Simple Notification Service (SNS)

Sample steps for integrating with the AWS SNS.

Create a IAM user with the appropriate policy permissions. Go to the IAM service and create your application’s user; be sure to capture its AWS Key and AWS Secret values and put this into your environment file. From there add the following policy to the user or its group.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "AllowSendingSMSMessages",
            "Effect": "Allow",
            "Action": [
                "sns:Publish",
                "sns:CheckIfPhoneNumberIsOptedOut"
            ],
            "Resource": [
                "*"
            ]
        }
    ]
}

Here we set the ability to publish, check for opt-outs, and apply this across a wildcard resource instead of a specific topic as we will be sending notifications directly to phone numbers and not an SNS topic.