Full setup guide for the cakephp-verification plugin.
- PHP 8.2+
- CakePHP 5.3+
- cakephp/authentication ^4.0
composer require salines/cakephp-verificationAdd it manually in src/Application.php:
use CakeVerification\CakeVerificationPlugin;
// in bootstrap():
$this->addPlugin(CakeVerificationPlugin::class);bin/cake verification:installThis copies config/verification.php into your app. Open it and adjust to
your requirements.
// src/Controller/AppController.php
public function initialize(): void
{
parent::initialize();
$this->loadComponent('Flash');
$this->loadComponent('Authentication.Authentication');
$this->loadComponent('CakeVerification.Verification');
}The plugin does not ship migrations. Add the columns you need to your users table.
| Column | Type | Notes |
|---|---|---|
email |
VARCHAR | Required |
email_verification_token |
VARCHAR(191), nullable | Token sent in link |
email_verification_token_expires |
DATETIME, nullable | Token expiry |
email_verified_at |
DATETIME, nullable | Set when verified |
| Column | Notes |
|---|---|
email |
Required (same column as above) |
| Column | Type | Notes |
|---|---|---|
phone |
VARCHAR(32), nullable | Phone number |
phone_verified_at |
DATETIME, nullable | Set after OTP success |
phone_verified |
TINYINT(1), default 0 | Optional flag |
| Column | Type | Notes |
|---|---|---|
totp_secret |
VARCHAR(255), nullable | Store encrypted |
totp_verified_at |
DATETIME, nullable | Set after first successful verify |
| Column | Type | Notes |
|---|---|---|
verification_preferences |
JSON, nullable | Stores the user's chosen OTP driver |
use Migrations\AbstractMigration;
class AddVerificationFieldsToUsers extends AbstractMigration
{
public function change(): void
{
$table = $this->table('users');
foreach ([
['email_verification_token', 'string', ['limit' => 191, 'null' => true]],
['email_verification_token_expires', 'datetime', ['null' => true]],
['email_verified_at', 'datetime', ['null' => true]],
['phone', 'string', ['limit' => 32, 'null' => true]],
['phone_verified_at', 'datetime', ['null' => true]],
['phone_verified', 'boolean', ['default' => false]],
['totp_secret', 'string', ['limit' => 255, 'null' => true]],
['totp_verified_at', 'datetime', ['null' => true]],
['verification_preferences', 'json', ['null' => true]],
] as [$col, $type, $opts]) {
if (!$table->hasColumn($col)) {
$table->addColumn($col, $type, $opts);
}
}
$table->update();
}
}Register the JSON type in your UsersTable::initialize():
public function initialize(array $config): void
{
parent::initialize($config);
// ...
$this->getSchema()->setColumnType('verification_preferences', 'json');
}Open config/verification.php and set requiredSetupSteps to the steps your
app needs. See configuration.md for the full reference.
See users_controller.md for the complete list of actions you must implement and what each one does.
- Configuration reference
- UsersController actions
- VerificationComponent
- Email verification & OTP
- SMS OTP
- TOTP
- API reference
| Topic | File |
|---|---|
| README | ../README.md |
| Verification flows (setup, login, OTP choice) | verification_flow.md |
| Installation | installation.md |
| Configuration reference | configuration.md |
| Environment variables | env.md |
| UsersController actions | users_controller.md |
| VerificationComponent | verification_component.md |
| VerificationHelper | verification_helper.md |
| Email verification & Email OTP | email_verification.md |
| SMS OTP | sms_verification.md |
| TOTP | totp_verification.md |
| Enable / disable individual steps | verificator_enable_disable.md |
| API reference | api/index.md |