Download the PHP package andrewdyer/jwt-auth without Composer

On this page you can find all versions of the php package andrewdyer/jwt-auth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Example code of andrewdyer/jwt-auth

Informations about the package jwt-auth

JWT Auth

Latest Stable Version Total Downloads License PHP Version Required

JWT Auth

A framework-agnostic PHP JWT authentication library for managing tokens, built around contracts for user resolution and claims generation.

Introduction

This library provides a clean, contract-driven approach to JSON Web Token authentication by coordinating token issuance and parsing while delegating token handling, user resolution, and claims generation to user-defined implementations. By relying on simple interfaces, it remains fully framework-agnostic and unopinionated, allowing integration with any authentication system or JWT library.

Prerequisites

Installation

Getting Started

1. Implement the JWT subject

Any class that represents an authenticated user or entity must implement JwtSubjectInterface. This provides the identifier that will be stored in the token's sub claim.

2. Implement the auth provider

A class implementing AuthProviderInterface must be provided to resolve users by credentials or by ID. JwtAuth calls these methods internally during attempt() and authenticate().

3. Implement the JWT provider

A class implementing JwtProviderInterface handles token encoding and decoding. This is the integration point for a preferred JWT library such as firebase/php-jwt or lcobucci/jwt.

4. Implement the claims factory

A class implementing ClaimsFactoryInterface builds the JWT claims for a given user. The iat, nbf, and exp fields accept plain Unix timestamps from time(), Carbon, or any other source.

When using Carbon, Carbon::now()->timestamp is a drop-in replacement for time().

Usage

Create a JwtAuth instance

The three dependencies are wired up to create a JwtAuth instance:

Attempt a login

Validates a username and password and returns a signed token. Throws InvalidCredentialsException if the credentials are invalid.

Authenticate a token

Decodes a token, verifies it, and returns the corresponding user. Throws InvalidTokenException if the token is invalid or the user cannot be found.

Parse a token

Decodes a token into a Claims object without looking up the user.

Claims

The Claims class is a read-only value object representing the payload of a JWT. It exposes the standard registered claims as typed public properties:

Property Type Description
iss string Issuer
aud ?string Audience
iat int Issued-at timestamp
nbf int Not-before timestamp
exp int Expiry timestamp
jti string Unique token identifier
sub int\|string Subject identifier (user ID)
custom array Any additional custom claims

A Claims instance can be serialized back to an array using toArray(), which omits null values:

A Claims instance can also be constructed directly from an array. The claims iss, iat, nbf, exp, jti, and sub are all required; aud is optional and defaults to null if omitted. All values must match their expected types — throws InvalidTokenException if any required claim is missing or any claim has an invalid type:

Any keys not in the standard set are captured in the custom array.

Exceptions

Exception Thrown when
InvalidCredentialsException attempt() is called and the credentials do not resolve to a valid user
InvalidTokenException A token cannot be decoded, required claims are missing or have invalid types, or the subject cannot be resolved to a valid user

Both extend RuntimeException.

License

Licensed under the MIT license and is free for private or commercial projects.

All versions of jwt-auth with dependencies

PHP Build Version
Package Version
Requires php Version ^8.3
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package andrewdyer/jwt-auth contains the following files

Loading the files please wait ...