Skip to content
/ laravel-security-notifications Public

Warn your users when significant security events occur so that they aren't the next victim of an attacker.

License

MIT license
6 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Anteris-Dev/laravel-security-notifications

BranchesTags

Repository files navigation

[WIP] Laravel Security Notifications

Tests Style

This package adds security notifications to warn your users when significant security events occur so that they aren't the next victim of an attacker.

WarnsOfEmailChanges

The Anteris\LaravelSecurityNotifications\Concerns\WarnsOfEmailChanges trait adds an updatingEmail event to your model and automatically sends a notification to the user when their email is changed. Note that the notification is sent to their previous email, not the updated one.

WarnsOfPasswordChanges

The Anteris\LaravelSecurityNotifications\Concerns\WarnsOfPasswordChanges trait adds an updatingPassword event to your model and automatically sends a notification to the user when their password is changed. Note that if their email is changed at the same time, the notification is sent to their previous email, not the updated one, in case an attacker is attempting to change their email as well.

WarnsOfTwoFactorChanges

The Anteris\LaravelSecurityNotifications\Concerns\WarnsOfTwoFactorChanges trait adds an updatingTwoFactorSecret event to your model and automatically sends a notification to the user when their two factor secret is changed. Note that if their email is changed at the same time, the notification is sent to their previous email, not the updated one, in case an attacker is attempting to change their email as well.

Configuring Attributes

To configure the attributes used on the model to determine changes, publish the configuration file with the command:

php artisan vendor:publish --provider="Anteris\LaravelSecurityNotifications\LaravelSecurityNotificationsServiceProvider" --tag=config

Now open the file config/laravel-security-notifications.php and create a record for your model under the models array. For example:

return [
    'models' => [
        App\Models\User::class => [
            'email' => 'some_other_email_attribute',
            'password' => 'some_other_password_attribute',
            'two_factor_secret' => 'some_other_two_factor_attribute',
        ]  
    ]
];

Configuring Emails

To modify the emails sent to your users, publish the blade files by running:

php artisan vendor:publish --provider="Anteris\LaravelSecurityNotifications\LaravelSecurityNotificationsServiceProvider" --tag=views

This will place the blade files in resources/views/vendor/laravelSecurityNotifications.

About

Warn your users when significant security events occur so that they aren't the next victim of an attacker.

Resources

Readme

License

MIT license
Activity
Custom properties

Stars

6 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages