Shadcn Theme   •   Social Login   •   Multiple Layouts   •   TOTP 2FA   •   OTP   •   Captcha   •   Lockouts   •   Email Templates  

Powerful
Authentication
for Laravel 12

Professional, customizable login and registration pages with multiple layouts, dark/light themes, captcha, OTP, email verification, password reset, lockout protection, and seamless integration with the Tyro package.

composer require hasinhayder/tyro-login
Explore Features View on GitHub
8
Social Providers
5
Layout Options
100%
Customizable

Why Choose Tyro Login

Everything you need for beautiful, secure authentication pages

Multiple Layouts

Choose from 5 beautiful layouts: centered, split-left, split-right, fullscreen, and card. Each layout is fully responsive and professionally designed.

Dark/Light Theme

Automatic theme detection with manual toggle. Respects user preferences and system settings out of the box.

Lockout Protection

Cache-based lockout protection after failed attempts. Configurable limits, duration, and beautiful lockout page.

Math Captcha

Simple addition/subtraction captcha to prevent automated submissions. No external APIs required.

Login OTP

Two-factor authentication via email OTP. Beautiful digit-by-digit input with resend and cooldown support.

TOTP 2FA

Time-Based 2FA via QR code. Compatible with Google Authenticator, Authy, Microsoft Authenticator, and more.

Email Verification

Optional email verification for new registrations. Secure signed URLs with configurable expiration times.

Password Reset

Complete forgot password flow with secure reset links. Users can reset passwords and auto-login after reset.

Beautiful Emails

Sleek, minimal HTML email templates for OTP, password reset, email verification, and welcome emails. Fully customizable.

Tyro Integration

Seamless integration with the Tyro package. Auto-assign roles to new users upon registration.

Social Login

Sign in with Google, Facebook, GitHub, Twitter/X, LinkedIn, Bitbucket, GitLab, and Slack. Auto-link accounts by email.

shadcn Theme

Uses shadcn/ui CSS variables for easy customization. Edit themes visually with tweakcn.com and copy-paste your colors.

Zero Build Step

No npm, webpack, or vite required. Just install via Composer and you're ready to go. Works immediately.

Highly Configurable

Customize colors, logos, redirects, messages, and more via config file or environment variables.

See It in Action

Beautiful, professional authentication screens for every scenario

Tyro Login - Light Theme
Login - Light Theme
Tyro Login - Dark Theme
Login - Dark Theme
Tyro Login - Registration Dark Theme
Registration - Dark Theme
Tyro Login - Split Left Layout
Split Left Layout
Tyro Login - Split Right Layout
Split Right Layout
Tyro Login - Fullscreen Layout
Fullscreen Layout
Tyro Login - Card Layout Light
Card Layout - Light
Tyro Login - Card Layout Dark
Card Layout - Dark
Tyro Login - Login Attempts Warning
Login Attempts Warning
Tyro Login - Attempts Warning Dark
Attempts Warning - Dark
Tyro Login - Lockout Screen Light
Lockout Screen - Light
Tyro Login - Lockout Screen Dark
Lockout Screen - Dark
Tyro Login - Forgot Password Dark
Forgot Password - Dark
Tyro Login - Math Captcha Light
Math Captcha - Light
Tyro Login - Math Captcha Dark
Math Captcha - Dark
Tyro Login - OTP Verification Light
OTP Verification - Light
Tyro Login - OTP Verification Dark
OTP Verification - Dark
Tyro Login - Email Verification After Registration
Email Verification - After Registration
Tyro Login - Unverified Email Login
Unverified Email - Login Attempt
Tyro Login - Social Login Light
Social Login - Light
Tyro Login - Social Login Dark
Social Login - Dark

Beautiful Layout Options

Choose the perfect layout for your application's branding

Centered Layout

Centered Layout

Clean, minimal design with the form centered on a gradient background. Perfect for a modern, focused login experience.

TYRO_LOGIN_LAYOUT=centered
Split Left Layout

Split Left Layout

Two-column design with a stunning background image on the left and the form on the right. Great for showcasing your brand.

TYRO_LOGIN_LAYOUT=split-left
Split Right Layout

Split Right Layout

Form on the left with background image on the right. Another great option for brand-focused authentication pages.

TYRO_LOGIN_LAYOUT=split-right
Fullscreen Layout

Fullscreen Layout

Full-screen background image with glassmorphism form overlay. Features frosted glass effect and backdrop blur for a premium, modern look.

TYRO_LOGIN_LAYOUT=fullscreen
Card Layout

Card Layout

Floating card design with subtle radial gradient background patterns. Smooth hover animations and elevated shadows for visual depth.

TYRO_LOGIN_LAYOUT=card

Math Captcha Protection

Simple yet effective bot protection without external dependencies

Human Verification Made Easy

Add a simple math captcha to your login and registration forms. Users solve a basic addition or subtraction problem to prove they're human.

  • No external APIs or services required
  • Enable separately for login and/or registration
  • Configurable number range (default 1-10)
  • Customizable labels and error messages
  • Session-based answer storage
.env
# Enable captcha on login form
TYRO_LOGIN_CAPTCHA_LOGIN=true

# Enable captcha on registration form
TYRO_LOGIN_CAPTCHA_REGISTER=true

2FA via Email OTP

Add an extra layer of security with email-based one-time passwords

Secure Login with Email OTP

After entering valid credentials, users receive a one-time password via email. They must enter the OTP to complete the login process.

  • Beautiful digit-by-digit input UI
  • Configurable OTP length (4-8 digits)
  • Expiration timer with visual countdown
  • Resend functionality with cooldown
  • Cache-based storage (no database required)
  • Fully customizable labels and messages
.env
# Enable OTP verification for login
TYRO_LOGIN_OTP_ENABLED=true

# OTP configuration
TYRO_LOGIN_OTP_LENGTH=4      # 4-8 digits
TYRO_LOGIN_OTP_EXPIRE=5      # minutes
TYRO_LOGIN_OTP_MAX_RESEND=3  # max resend attempts
TYRO_LOGIN_OTP_RESEND_COOLDOWN=60  # seconds

Social Login with OAuth

Let users sign in with their favorite social accounts using Laravel Socialite

8 Providers Out of the Box

Tyro Login integrates seamlessly with Laravel Socialite to provide OAuth authentication with popular social platforms. Each provider can be individually enabled or disabled.

  • Google, Facebook, GitHub, Twitter/X
  • LinkedIn, Bitbucket, GitLab, Slack
  • Auto-link accounts by matching email
  • Auto-register new users from social login
  • Secure token storage with encryption
  • Beautiful icon-based buttons on login/register
.env
# Enable social login
TYRO_LOGIN_SOCIAL_ENABLED=true

# Enable specific providers
TYRO_LOGIN_SOCIAL_GOOGLE=true
TYRO_LOGIN_SOCIAL_GITHUB=true
TYRO_LOGIN_SOCIAL_FACEBOOK=true
TYRO_LOGIN_SOCIAL_SLACK=true

# Auto-link to existing accounts by email
TYRO_LOGIN_SOCIAL_LINK_EXISTING=true

# Auto-create new users from social login
TYRO_LOGIN_SOCIAL_AUTO_REGISTER=true

Time-Based 2FA with QR Code

Industry-standard TOTP authentication compatible with all major authenticator apps

Scan & Secure

Enable Time-Based One-Time Password (TOTP) two-factor authentication for maximum security. Users scan a QR code with their authenticator app and enter time-based codes on each login.

  • Works with Google Authenticator, Authy, Microsoft Authenticator
  • QR code setup with manual entry key fallback
  • Encrypted secrets and recovery codes in database
  • Backup recovery codes (view, copy, download, regenerate)
  • Optional mandatory setup for new/existing users
  • Admin command to reset 2FA for locked-out users
Enable with a single line of config
TYRO_LOGIN_2FA_ENABLED=true
View Documentation

Get Started in 2 Steps

From installation to beautiful auth pages in under a minute

1

Install the Package

composer require hasinhayder/tyro-login
2

Run the Installer

php artisan tyro-login:install

Publishes config and sets up routes automatically

That's it! Visit /login to see your beautiful new authentication pages.

Read Full Documentation

Highly Configurable

Customize everything via config or environment variables

  • Custom branding colors and logos
  • Math captcha for bot protection
  • Two-factor authentication via email OTP
  • Email verification for new registrations
  • Password reset with secure links
  • Lockout protection with custom limits
  • Debug mode for development
config/tyro-login.php
return [
    // Layout: 'centered', 'split-left', 'split-right'
    'layout' => env('TYRO_LOGIN_LAYOUT', 'centered'),

    // Custom branding
    'branding' => [
        'app_name' => env('APP_NAME', 'Laravel'),
        'logo' => env('TYRO_LOGIN_LOGO', null),
    ],

    // Math captcha protection
    'captcha' => [
        'enabled_login' => env('TYRO_LOGIN_CAPTCHA_LOGIN', false),
        'enabled_register' => env('TYRO_LOGIN_CAPTCHA_REGISTER', false),
    ],

    // Two-factor authentication via OTP
    'otp' => [
        'enabled' => env('TYRO_LOGIN_OTP_ENABLED', false),
        'length' => 4, // 4-8 digits
        'expire' => 5, // minutes
    ],

    // Lockout protection (cache-based)
    'lockout' => [
        'enabled' => true,
        'max_attempts' => 5,
        'duration_minutes' => 15,
    ],

    // Debug mode for development
    'debug' => env('TYRO_LOGIN_DEBUG', false),
];

Secure by Default

Built with security best practices from the ground up

CSRF Protection

All forms include CSRF tokens for protection against cross-site request forgery attacks.

Lockout Protection

Temporarily lock accounts after too many failed attempts. Cache-based, no database required.

Password Hashing

Uses Laravel's secure bcrypt hashing for all passwords. Industry-standard security.

Session Regeneration

Automatic session regeneration on login prevents session fixation attacks.

Input Validation

Server-side validation with proper sanitization and error messages.

Email Verification

Verify user email addresses before granting access. Secure signed URLs with expiration.

Secure Password Reset

Time-limited, signed URLs for password reset. Auto-login after successful reset.

Captcha

Simple configurable math challenges to block bots. No external services or API keys required.

Login OTP

Two-factor authentication via email. One-time passwords with expiration and resend limits.

Ready-to-Use Routes

All authentication routes registered automatically

Method URI Name Description
GET /login tyro-login.login Show login form
POST /login tyro-login.login.submit Handle login
GET /register tyro-login.register Show registration form
POST /register tyro-login.register.submit Handle registration
GET/POST /logout tyro-login.logout Handle logout
GET /lockout tyro-login.lockout Show lockout page
GET /email/verify tyro-login.verification.notice Verification notice
GET /email/not-verified tyro-login.verification.not-verified Unverified email page
GET /email/verify/{token} tyro-login.verification.verify Verify email
POST /email/resend tyro-login.verification.resend Resend verification
GET /forgot-password tyro-login.password.request Forgot password form
POST /forgot-password tyro-login.password.email Send reset link
GET /reset-password/{token} tyro-login.password.reset Reset password form
POST /reset-password tyro-login.password.update Update password
GET /otp/verify tyro-login.otp.verify Show OTP form
POST /otp/verify tyro-login.otp.submit Verify OTP code
POST /otp/resend tyro-login.otp.resend Resend OTP
GET /otp/cancel tyro-login.otp.cancel Cancel OTP verification
GET /auth/{provider}/redirect tyro-login.social.redirect Redirect to OAuth provider
GET /auth/{provider}/callback tyro-login.social.callback Handle OAuth callback

Frequently Asked Questions

Everything you need to know about Tyro Login

Getting Started

Tyro Login is a Laravel package that provides beautiful, customizable login and registration pages. It includes multiple layout options, dark/light themes, lockout protection, and seamless integration with the Tyro RBAC package.

Tyro Login requires PHP 8.2 or higher and Laravel 12. It works with any database supported by Laravel (MySQL, PostgreSQL, SQLite, SQL Server).

No, Tyro Login works independently. However, if you have the Tyro package installed, it will automatically integrate with it to assign default roles to new users upon registration.

Installation & Setup

Ensure you're using PHP 8.2+ and Laravel 12. Run composer update first. Check your minimum-stability in composer.json. If using older Laravel versions, upgrade your framework first.

Tyro Login works seamlessly with Laravel's default authentication system. No migration is required - your existing users and data remain completely unchanged. Simply install Tyro Login and it will integrate automatically. You can optionally disable Laravel's default auth routes in routes/web.php if you prefer to use only Tyro Login's routes.

Configuration & Customization

Yes! Run php artisan tyro-login:publish --views to publish the Blade templates to your application. You can then modify them as needed. You can also customize colors and branding via environment variables without touching any code.

Set the TYRO_LOGIN_LAYOUT environment variable to centered, split-left, or split-right. You can also set a custom background image URL with TYRO_LOGIN_BACKGROUND_IMAGE.

Publish views with php artisan tyro-login:publish --views and modify CSS. You can also override CSS variables or use your own stylesheet.

Check your mail configuration in config/mail.php. Verify SMTP settings and ensure TYRO_LOGIN_DEBUG=true to see logged email URLs during development. Some email providers may require additional configuration.

Yes! Set TYRO_LOGIN_USER_MODEL to your custom User model class. Your model just needs to implement Laravel's Authenticatable contract.

Yes! Use TYRO_LOGIN_ROUTE_PREFIX to add a prefix (e.g., 'auth' makes URLs /auth/login). All routes will be prefixed automatically.

Security Features

When enabled, users are locked out after a configurable number of failed login attempts (default 5). The lockout is stored in cache (no database required) and automatically expires after a configurable duration (default 15 minutes). A beautiful lockout page shows a countdown timer.

The math captcha displays a simple addition or subtraction problem (e.g., "5 + 3 = ?") on your login and/or registration forms. Enable it with TYRO_LOGIN_CAPTCHA_LOGIN=true or TYRO_LOGIN_CAPTCHA_REGISTER=true. No external APIs required - answers are stored in the session.

Set TYRO_LOGIN_OTP_ENABLED=true in your .env file. After entering valid credentials, users receive a one-time password via email. Configure OTP length (4-8 digits) with TYRO_LOGIN_OTP_LENGTH and expiration time with TYRO_LOGIN_OTP_EXPIRE. All OTP data is stored in cache - no database required.

Yes! It includes CSRF protection, secure password hashing, session regeneration, and uses signed URLs for sensitive operations. Always use HTTPS in production and never enable debug mode.

Debug mode (TYRO_LOGIN_DEBUG=true) logs OTP codes, verification URLs, and password reset URLs to storage/logs/laravel.log. This makes it easy to test email-based features during development without actually sending emails. Never enable this in production!

Email & Password Features

Both features use secure, time-limited signed URLs stored in cache (no database migrations required). Email verification can be enabled via TYRO_LOGIN_REQUIRE_VERIFICATION=true. Password reset shows a "Forgot Password?" link on the login page. In development, verification and reset URLs are logged to the console for easy testing.

Yes! Tyro Login works with any email service configured in Laravel's mail.php (SendGrid, Mailgun, SES, etc.). Just configure your service and emails will work.

Enable debug mode with TYRO_LOGIN_DEBUG=true. All email URLs, OTP codes, and reset tokens will be logged to storage/logs/laravel.log. For development, you can also use email debugging services like MailTrap or Mailpit to capture and inspect sent emails without affecting real users. These services provide real-time email previews, delivery tracking, and webhook testing capabilities.

Social Login

Tyro Login supports 8 OAuth providers: Google, Facebook, GitHub, Twitter/X, LinkedIn, Bitbucket, GitLab, and Slack. Each provider can be individually enabled or disabled.

Run php artisan tyro-login:install --with-social to install with social login support. Then set TYRO_LOGIN_SOCIAL_ENABLED=true and enable desired providers like TYRO_LOGIN_SOCIAL_GOOGLE=true. Configure provider credentials in config/services.php.

Yes! When TYRO_LOGIN_SOCIAL_LINK_EXISTING=true (default), if a user signs in with a social account that has the same email as an existing user, the accounts are automatically linked and the user is logged in.

Technical & Performance

No! Tyro Login uses Laravel's cache system for all temporary data (lockouts, OTP codes, verification tokens, password reset tokens). This means zero database migrations and works with any cache driver (file, Redis, Memcached, etc.).

Minimal impact. It uses cache for temporary data (no database queries) and lazy-loads views. Email operations can be queued for better performance.

Tyro Login uses Laravel's cache system. Ensure your cache driver is properly configured in config/cache.php. File cache works out of the box, Redis/Memcached need proper setup.

Tyro Login uses Laravel's cache system. Ensure your cache driver is properly configured in config/cache.php. File cache works out of the box, Redis/Memcached need proper setup.

Advanced Usage

Yes! Use TYRO_LOGIN_ROUTE_PREFIX to add a prefix (e.g., 'auth' makes URLs /auth/login). All routes will be prefixed automatically.

Use Laravel's built-in auth middleware or guest middleware for public pages. Tyro Login integrates seamlessly with Laravel's authentication system.

Disable debug mode (TYRO_LOGIN_DEBUG=false), use HTTPS, configure proper email service, set appropriate lockout limits, and consider rate limiting.

Yes! It works with any Laravel setup. For multi-tenant, ensure your cache and session configurations are tenant-aware.

Instant Authentication System

Get started with Tyro Login in just 2 commands

composer require hasinhayder/tyro-login
View on GitHub Documentation Tyro RBAC Package