{"id":19706711,"url":"https://github.com/unisharp/laravel-jwt","last_synced_at":"2025-04-29T16:33:36.049Z","repository":{"id":57075572,"uuid":"109794417","full_name":"UniSharp/laravel-jwt","owner":"UniSharp","description":"Auth guard and middleware for jwt refesh in a concurrency use case, e.g. single page web applications.","archived":false,"fork":false,"pushed_at":"2018-09-26T05:15:51.000Z","size":37,"stargazers_count":36,"open_issues_count":2,"forks_count":8,"subscribers_count":12,"default_branch":"master","last_synced_at":"2025-04-19T09:35:24.552Z","etag":null,"topics":["jwt","laravel","middleware"],"latest_commit_sha":null,"homepage":"https://blog.albert-chen.com/laravel-auto-refresh-jwt/","language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/UniSharp.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null}},"created_at":"2017-11-07T06:12:28.000Z","updated_at":"2023-06-22T10:07:19.000Z","dependencies_parsed_at":"2022-08-24T14:55:44.384Z","dependency_job_id":null,"html_url":"https://github.com/UniSharp/laravel-jwt","commit_stats":null,"previous_names":[],"tags_count":17,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UniSharp%2Flaravel-jwt","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UniSharp%2Flaravel-jwt/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UniSharp%2Flaravel-jwt/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/UniSharp%2Flaravel-jwt/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/UniSharp","download_url":"https://codeload.github.com/UniSharp/laravel-jwt/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251540540,"owners_count":21605927,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["jwt","laravel","middleware"],"created_at":"2024-11-11T21:36:40.187Z","updated_at":"2025-04-29T16:33:31.032Z","avatar_url":"https://github.com/UniSharp.png","language":"PHP","readme":"Laravel JWT\n==========\n![php-badge][ico-php-version]\n[![Latest Version on Packagist][ico-version]][link-packagist]\n[![Software License][ico-license]](LICENSE.md)\n[![Build Status][ico-travis]][link-travis]\n[![Coverage Status][ico-scrutinizer]][link-scrutinizer]\n[![Quality Score][ico-code-quality]][link-code-quality]\n[![Total Downloads][ico-downloads]][link-downloads]\n\n## Approach\n\nIf you pick `Tymon JWTAuth` as your jwt solution in your project, when you try to refresh your token, the package will blacklist your exchanged token (assume your blacklist feature is enabled). So when your client faces a concurrency use case,  your request might be rejected because that request is sent before your app renews jwt token returned by server. This package caches the refreshed jwt token in a short period to ensure your client side can get correct response even if your request carries an old token in a concurrency case.\n\n### Important Change\n\nWe change our namespace Unisharp\\JWT to UniSharp\\JWT\n\n## Installation\n\n* Via Composer\n```\ncomposer require unisharp/laravel-jwt\n```\n\n* Add the Service Provider\n\n```php\nTymon\\JWTAuth\\Providers\\LaravelServiceProvider::class,\nUniSharp\\JWT\\JWTServiceProvider::class,\n```\n\n\u003e In Lumen please use `Tymon\\JWTAuth\\Providers\\LumenServiceProvider::class,`\n\nNext, also in the app.php config file, under the aliases array, you may want to add the JWTAuth facade.\n\n```\n'JWTAuth' =\u003e 'Tymon\\JWTAuth\\Facades\\JWTAuth',\n'JWTFactory' =\u003e 'Tymon\\JWTAuth\\Facades\\JWTFactory'\n```\n\nFinally, you will want to publish the config using the following command:\n\n```\nphp artisan vendor:publish --provider=\"Tymon\\JWTAuth\\Providers\\JWTAuthServiceProvider\"\nphp artisan vendor:publish --provider=\"UniSharp\\JWT\\JWTServiceProvider\"\n```\n\nDon't forget to set a secret key in the config file!\n\n```\n$ php artisan jwt:secret\n```\n\nthis will generate a new random key, which will be used to sign your tokens.\n\nAnd you're done!\n\n## Usage\n\nOpen your `config/auth.php` config file and in place of driver under any of your guards, just add the `jwt-auth` as your driver and you're all set.\nMake sure you also set `provider` for the guard to communicate with your database.\n\n### Setup Guard Driver\n\n``` php\n// config/auth.php\n'guards' =\u003e [\n    'api' =\u003e [\n        'driver' =\u003e 'jwt-auth',\n        'provider' =\u003e 'users'\n    ],\n    \n    // ...\n],\n\n'providers' =\u003e [\n    'users' =\u003e [\n        'driver' =\u003e 'eloquent',\n        'model'  =\u003e App\\User::class,\n    ],\n],\n```\n\n### Middleware Usage\n\nMiddleware protecting the route:\n\n``` php\nRoute::get('api/content', ['middleware' =\u003e 'laravel.jwt', 'uses' =\u003e 'ContentController@content']);\n```\n\nMiddleware protecting the controller:\n\n``` php\n\u003c?php\n\nnamespace App\\Http\\Controllers;\n\nclass ContentController extends Controller\n{\n    public function __construct() \n    {\n        $this-\u003emiddleware('laravel.jwt');\n    }\n}\n```\n\u003e This middleware will automatically refresh jwt token if the existing one has been expired. The new refreshed jwt token will be carried to the response header: `Ahthorization`. The client side needs to replace your expired jwt token with the new one. \n\n**Note:** The above example assumes you've setup a guard with the name `api` whose driver is `jwt-auth` in your `config/auth.php` file as explained in \"Setup Guard Driver\" section above.\n\n\u003e The following usage examples assume you've setup your default auth guard to the one which uses the `jwt-auth` driver.\n\u003e\n\u003e You can also explicitly define the guard before making calls to any of methods by just prefixing it with `Auth::guard('api')`. \n\u003e\n\u003e Example: `Auth::guard('api')-\u003euser()`\n\n### Attempt To Authenticate And Return Token\n\n``` php\n// This will attempt to authenticate the user using the credentials passed and returns a JWT Auth Token for subsequent requests.\n$token = Auth::attempt(['email' =\u003e 'user@domain.com', 'password' =\u003e '123456']);\n```\n\n### Authenticate Once By ID\n\n``` php\nif(Auth::onceUsingId(1)) {\n    // Do something with the authenticated user\n}\n```\n\n### Authenticate Once By Credentials\n\n``` php\nif(Auth::once(['email' =\u003e 'user@domain.com', 'password' =\u003e '123456'])) {\n    // Do something with the authenticated user\n}\n```\n\n### Validate Credentials\n\n``` php\nif(Auth::validate(['email' =\u003e 'user@domain.com', 'password' =\u003e '123456'])) {\n    // Credentials are valid\n}\n```\n\n### Check User is Authenticated\n\n``` php\nif(Auth::check()) {\n    // User is authenticated\n}\n```\n\n### Check User is a Guest\n\n``` php\nif(Auth::guest()) {\n    // Welcome guests!\n}\n```\n\n### Logout Authenticated User\n\n``` php\nAuth::logout(); // This will invalidate the current token and unset user/token values.\n```\n\n### Generate JWT Auth Token By ID\n   \n``` php\n$token = Auth::generateTokenById(1);\n\necho $token;\n```\n\n### Get Authenticated User\n\nOnce the user is authenticated via a middleware, You can access its details by doing:\n\n``` php\n$user = Auth::user();\n```\n\nYou can also manually access user info using the token itself:\n\n``` php\n$user = Auth::setToken('YourJWTAuthToken')-\u003euser();\n```\n\n### Get Authenticated User's ID\n\n``` php\n$userId = Auth::id();\n```\n\n### Refresh Expired Token\n\nThough it's recommended you refresh using the middlewares provided with the package,\nbut if you'd like, You can also do it manually with this method.\n\nRefresh expired token passed in request:\n\n``` php\n$token = Auth::refresh();\n```\n\nRefresh passed expired token:\n\n``` php\nAuth::setToken('ExpiredToken')-\u003erefresh();\n```\n\n### Invalidate Token\n\nInvalidate token passed in request:\n\n``` php\n$forceForever = false;\nAuth::invalidate($forceForever);\n```\n\nInvalidate token by setting one manually:\n\n``` php\n$forceForever = false;\nAuth::setToken('TokenToInvalidate')-\u003einvalidate($forceForever);\n```\n\n### Get Token\n\n``` php\n$token = Auth::getToken(); // Returns current token passed in request.\n```\n\n### Get Token Payload\n\nThis method will decode the token and return its raw payload.\n\nGet Payload for the token passed in request:\n\n``` php\n$payload = Auth::getPayload();\n```\n\nGet Payload for the given token manually:\n\n``` php\n$payload = Auth::setToken('TokenToGetPayload')-\u003egetPayload();\n```\n\n[ico-php-version]: https://img.shields.io/travis/php-v/UniSharp/laravel-jwt.svg\n[ico-version]: https://img.shields.io/packagist/v/unisharp/laravel-jwt.svg?style=flat-square\n[ico-license]: https://img.shields.io/badge/license-MIT-brightgreen.svg?style=flat-square\n[ico-travis]: https://img.shields.io/travis/UniSharp/laravel-jwt/master.svg?style=flat-square\n[ico-scrutinizer]: https://img.shields.io/scrutinizer/coverage/g/UniSharp/laravel-jwt.svg?style=flat-square\n[ico-code-quality]: https://img.shields.io/scrutinizer/g/UniSharp/laravel-jwt.svg?style=flat-square\n[ico-downloads]: https://img.shields.io/packagist/dt/UniSharp/laravel-jwt.svg?style=flat-square\n\n[link-packagist]: https://packagist.org/packages/unisharp/laravel-jwt\n[link-travis]: https://travis-ci.org/UniSharp/laravel-jwt\n[link-scrutinizer]: https://scrutinizer-ci.com/g/UniSharp/laravel-jwt/code-structure\n[link-code-quality]: https://scrutinizer-ci.com/g/UniSharp/laravel-jwt\n[link-downloads]: https://packagist.org/packages/UniSharp/laravel-jwt\n[link-author]: https://github.com/UniSharp\n[link-contributors]: ../../contributors\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Funisharp%2Flaravel-jwt","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Funisharp%2Flaravel-jwt","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Funisharp%2Flaravel-jwt/lists"}