bert.hausmans/crewli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat: enterprise MFA with TOTP, email codes, backup codes, and trusted devices

Browse Source 
Three verification methods (TOTP authenticator, email code, backup codes),
trusted device management with 30-day expiry, role-based enforcement for
super_admin and org_admin, admin reset capability, and full test coverage
(46 tests). Modifies login flow to support MFA challenge/response with
temporary session tokens stored in cache.

Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
bert.hausmans
2026-04-15 20:45:55 +02:00
parent df68aa8aef
commit 948687f27e
32 changed files with 2563 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

1
api/composer.json
View File

@@ -12,6 +12,7 @@
"laravel/framework": "^12.0",
"laravel/sanctum": "^4.0",
"laravel/tinker": "^2.10.1",
"pragmarx/google2fa": "^9.0",
"spatie/laravel-activitylog": "^5.0",
"spatie/laravel-medialibrary": "^11.21",
"spatie/laravel-permission": "^7.2"