Actually the magnificent piece of software called backpack for laravel cannot handle natively the 2fa auth, for now, at may of 2022.
We would like to add to your project this package: https://github.com/thecodework/two-factor-authentication
To be able to integrate with backpack for laravel we must override the login controller of backpack
How can we do it?
On
We reached our goal overriding LoginController and ResetPasswordController of bakcpack.
To be precise: after a succesfull login, we immediately logout, send OTP code via sms and redirected to form we ask for this cde.
Then, posting the code, with an hash in the db, we can check both user, hash, token and validity of token.
If all valid, we actually login the user
For password recovery, after changing password, instead of redirect to home or similar we logout and redirect to login so user can do a login without bypass otp
As much I would like to have everything integrated with Backpack, unfortunatelly time/money/tech does not allow us to do that. I really hope sometime I can dedicate more of my time to this "goodies" (2fa, graphQL etc etc).
For now, we've just added a simple way for people that don't want to use the default backpack auth to disable it and implemente their own auth mechanism if needed.
https://backpackforlaravel.com/docs/5.x/base-how-to#customizing-the-auth-controllers
Don't stop on this tag (customizing the auth controllers), later down on that page there is more info about auth that could help you here.
If you need my help with something you know where to find me.
Cheers