Add MFA channel registry and QR code generation support

Co-authored-by: anwarx4u <anwarx4u@gmail.com>

Author: cursoragent

README.md

@@ -24,7 +24,32 @@ $ok = MFA::verifyChallenge(auth()->user(), 'email', '123456');
 $setup = MFA::setupTotp(auth()->user());
 // $setup['otpauth_url'] -> QR code; then verify
 $ok = MFA::verifyTotp(auth()->user(), '123456');
+
+// Generate QR code (base64 PNG) from existing TOTP
+$base64 = MFA::generateTotpQrCodeBase64(auth()->user(), issuer: 'MyApp');
+// <img src="$base64" />
 ```
 
 Configuration
-- See `config/mfa.php` for email/sms/totp options.
+- See `config/mfa.php` for email/sms/totp options.
+
+Extending: Custom Channels
+```php
+use CodingLibs\MFA\Contracts\MfaChannel;
+use CodingLibs\MFA\Facades\MFA;
+use Illuminate\Contracts\Auth\Authenticatable;
+
+class WhatsAppChannel implements MfaChannel {
+    public function __construct(private array $config = []) {}
+    public function getName(): string { return 'whatsapp'; }
+    public function send(Authenticatable $user, string $code, array $options = []): void {
+        // send via provider...
+    }
+}
+
+// register at boot
+MFA::registerChannel(new WhatsAppChannel(config('mfa.whatsapp', [])));
+
+// then issue
+MFA::issueChallenge(auth()->user(), 'whatsapp');
+```

src/ChannelRegistry.php

@@ -0,0 +1,33 @@
+<?php
+
+namespace CodingLibs\MFA;
+
+use CodingLibs\MFA\Contracts\MfaChannel;
+
+class ChannelRegistry
+{
+    /** @var array<string, MfaChannel> */
+    protected array $channels = [];
+
+    public function register(MfaChannel $channel): void
+    {
+        $this->channels[strtolower($channel->getName())] = $channel;
+    }
+
+    public function has(string $name): bool
+    {
+        return array_key_exists(strtolower($name), $this->channels);
+    }
+
+    public function get(string $name): ?MfaChannel
+    {
+        return $this->channels[strtolower($name)] ?? null;
+    }
+
+    /** @return array<string, MfaChannel> */
+    public function all(): array
+    {
+        return $this->channels;
+    }
+}
+

src/Channels/EmailChannel.php

@@ -2,16 +2,22 @@
 
 namespace CodingLibs\MFA\Channels;
 
+use CodingLibs\MFA\Contracts\MfaChannel;
 use Illuminate\Contracts\Auth\Authenticatable;
 use Illuminate\Support\Facades\Mail;
 
-class EmailChannel
+class EmailChannel implements MfaChannel
 {
     public function __construct(protected array $config = [])
     {
     }
 
-    public function send(Authenticatable $user, string $code): void
+    public function getName(): string
+    {
+        return 'email';
+    }
+
+    public function send(Authenticatable $user, string $code, array $options = []): void
     {
         if (! ($this->config['enabled'] ?? true)) {
             return;
@@ -25,6 +31,9 @@ public function send(Authenticatable $user, string $code): void
         $fromAddress = $this->config['from_address'] ?? null;
         $fromName = $this->config['from_name'] ?? null;
         $subject = $this->config['subject'] ?? 'Your verification code';
+        if (isset($options['subject'])) {
+            $subject = $options['subject'];
+        }
 
         Mail::raw("Your verification code is: {$code}", function ($message) use ($to, $fromAddress, $fromName, $subject) {
             $message->to($to)->subject($subject);

src/Channels/SmsChannel.php

@@ -2,16 +2,22 @@
 
 namespace CodingLibs\MFA\Channels;
 
+use CodingLibs\MFA\Contracts\MfaChannel;
 use Illuminate\Contracts\Auth\Authenticatable;
 use Illuminate\Support\Facades\Log;
 
-class SmsChannel
+class SmsChannel implements MfaChannel
 {
     public function __construct(protected array $config = [])
     {
     }
 
-    public function send(Authenticatable $user, string $code): void
+    public function getName(): string
+    {
+        return 'sms';
+    }
+
+    public function send(Authenticatable $user, string $code, array $options = []): void
     {
         if (! ($this->config['enabled'] ?? true)) {
             return;
@@ -23,7 +29,7 @@ public function send(Authenticatable $user, string $code): void
             return;
         }
 
-        $message = "Your verification code is: {$code}";
+        $message = $options['message'] ?? "Your verification code is: {$code}";
 
         if ($driver === 'log') {
             Log::info('MFA SMS', ['to' => $to, 'message' => $message]);

src/Contracts/MfaChannel.php

@@ -0,0 +1,13 @@
+<?php
+
+namespace CodingLibs\MFA\Contracts;
+
+use Illuminate\Contracts\Auth\Authenticatable;
+
+interface MfaChannel
+{
+    public function getName(): string;
+
+    public function send(Authenticatable $user, string $code, array $options = []): void;
+}
+

src/MFA.php

@@ -4,6 +4,9 @@
 
 use CodingLibs\MFA\Channels\EmailChannel;
 use CodingLibs\MFA\Channels\SmsChannel;
+use CodingLibs\MFA\ChannelRegistry;
+use CodingLibs\MFA\Contracts\MfaChannel;
+use CodingLibs\MFA\Support\QrCodeGenerator;
 use CodingLibs\MFA\Models\MfaChallenge;
 use CodingLibs\MFA\Models\MfaMethod;
 use CodingLibs\MFA\Totp\GoogleTotp;
@@ -15,10 +18,19 @@
 class MFA
 {
     protected array $config;
+    protected ChannelRegistry $registry;
 
     public function __construct(array $config)
     {
         $this->config = $config;
+        $this->registry = new ChannelRegistry();
+        $this->registerDefaultChannels();
+    }
+
+    protected function registerDefaultChannels(): void
+    {
+        $this->registry->register(new EmailChannel($this->config['email'] ?? []));
+        $this->registry->register(new SmsChannel($this->config['sms'] ?? []));
     }
 
     public function setupTotp(Authenticatable $user, ?string $issuer = null, ?string $label = null): array
@@ -58,7 +70,8 @@ public function verifyTotp(Authenticatable $user, string $code): bool
     public function issueChallenge(Authenticatable $user, string $method): ?MfaChallenge
     {
         $method = strtolower($method);
-        if (! in_array($method, ['email', 'sms'], true)) {
+        $channel = $this->registry->get($method);
+        if (! $channel) {
             return null;
         }
 
@@ -74,15 +87,32 @@ public function issueChallenge(Authenticatable $user, string $method): ?MfaChall
         $challenge->expires_at = Carbon::now()->addSeconds($ttlSeconds);
         $challenge->save();
 
-        if ($method === 'email') {
-            (new EmailChannel($this->config['email'] ?? []))->send($user, $code);
-        } else if ($method === 'sms') {
-            (new SmsChannel($this->config['sms'] ?? []))->send($user, $code);
-        }
+        $channel->send($user, $code);
 
         return $challenge;
     }
 
+    public function registerChannel(MfaChannel $channel): void
+    {
+        $this->registry->register($channel);
+    }
+
+    public function generateTotpQrCodeBase64(Authenticatable $user, ?string $issuer = null, ?string $label = null, int $size = 200): ?string
+    {
+        $method = $this->getMethod($user, 'totp');
+        if (! $method || ! $method->secret) {
+            return null;
+        }
+
+        $issuer = $issuer ?: Arr::get($this->config, 'totp.issuer', 'Laravel');
+        $label = $label ?: (method_exists($user, 'getEmailForVerification') ? $user->getEmailForVerification() : ($user->email ?? (string) $user->getAuthIdentifier()));
+        $digits = Arr::get($this->config, 'totp.digits', 6);
+        $period = Arr::get($this->config, 'totp.period', 30);
+
+        $otpauth = GoogleTotp::buildOtpAuthUrl($method->secret, $label, $issuer, $digits, $period);
+        return QrCodeGenerator::generateBase64Png($otpauth, $size);
+    }
+
     public function verifyChallenge(Authenticatable $user, string $method, string $code): bool
     {
         $now = Carbon::now();

src/Support/QrCodeGenerator.php

@@ -0,0 +1,31 @@
+<?php
+
+namespace CodingLibs\MFA\Support;
+
+class QrCodeGenerator
+{
+    public static function generateBase64Png(string $text, int $size = 200): string
+    {
+        // Lightweight inline QR encoder using endroid/qr-code if available, else fallback to Google Charts
+        if (class_exists('Endroid\\QrCode\\QrCode')) {
+            return self::generateWithEndroid($text, $size);
+        }
+        return self::generateWithGoogleCharts($text, $size);
+    }
+
+    protected static function generateWithEndroid(string $text, int $size): string
+    {
+        $qrCode = new \Endroid\QrCode\QrCode($text);
+        $qrCode->setSize($size);
+        $pngData = $qrCode->writeString();
+        return 'data:image/png;base64,' . base64_encode($pngData);
+    }
+
+    protected static function generateWithGoogleCharts(string $text, int $size): string
+    {
+        $url = 'https://chart.googleapis.com/chart?cht=qr&chs=' . $size . 'x' . $size . '&chl=' . rawurlencode($text);
+        $pngData = @file_get_contents($url) ?: '';
+        return 'data:image/png;base64,' . base64_encode($pngData);
+    }
+}
+