Laravel application with modified and extended user authentication processes. Currently in development and should not be used in any production services. Goal of this project is to make safe, robust and configurable package for user authentication processes.
- Captcha in registration
- Password strength validation rule
- E-mail domain validation
- Prevent login when user has not verified it's e-mail address
- E-mail verification notification
- Information about e-mail verification after register
- Session authentication (with custom token, instead of hashed user password like laravels do)
- Config based on laravel guards, instead of custom groups, to maintain compatibility with some core functionalities, events etc.
- Generic request log with user agent/IP metadata gathering
- User session tracking
- Forcing reset password
- 2FA
- Socail login (via socialite)
- Password status (in case of login via social provider)
- Make Blacklist elements (migrations, models etc.) as separated package
- Validation based on IP geolocation and some other metadata
- Make everyting mentioned above as configurable as possible
- Convert to package