PHP download

PHP code example of juniorfontenele / laravel-secure-jwt

1. Go to this page and download the library: Download juniorfontenele/laravel-secure-jwt library. Choose the download type require.

2. Extract the ZIP file and open the index.php.

3. Add this code to the index.php.

    
        
<?php
require_once('vendor/autoload.php');

/* Start to develop here. Best regards https://php-download.com/ */

juniorfontenele / laravel-secure-jwt example snippets


return [
    'issuer' => env('JWT_ISSUER', env('APP_URL')),
    'ttl' => env('JWT_TTL', 300), // 5 minutes
    'nonce_ttl' => env('JWT_NONCE_TTL', 86400), // 24 hours
    'blacklist_ttl' => env('JWT_BLACKLIST_TTL', 2592000), // 30 days
];


use JuniorFontenele\LaravelSecureJwt\Facades\SecureJwt;
use JuniorFontenele\LaravelSecureJwt\CustomClaims;
use JuniorFontenele\LaravelSecureJwt\JwtKey;

// Create a signing key
$signingKey = new JwtKey(
    id: 'key-1',
    key: 'your-secret-key', // or load from secure storage
    algorithm: 'HS256'
);

// Create custom claims
$customClaims = new CustomClaims([
    'user_id' => 123,
    'email' => '[email protected]',
    'roles' => ['admin', 'editor']
]);

// Generate JWT token
$token = SecureJwt::generateToken($customClaims, $signingKey);


use JuniorFontenele\LaravelSecureJwt\Facades\SecureJwt;
use JuniorFontenele\LaravelSecureJwt\JwtKey;

// Create a verification key (same as signing key for symmetric algorithms)
$verificationKey = new JwtKey(
    id: 'key-1',
    key: 'your-secret-key',
    algorithm: 'HS256'
);

try {
    // Verify and decode the token
    $decodedJwt = SecureJwt::decode($token, $verificationKey);
    
    // Access custom claims
    $userId = $decodedJwt->claim('user_id');
    $email = $decodedJwt->claim('email');
    
    // Access all claims
    $allClaims = $decodedJwt->claims();
} catch (JwtExpiredException $e) {
    // Token has expired
} catch (JwtNotValidYetException $e) {
    // Token not valid yet (nbf claim)
} catch (TokenBlacklistedException $e) {
    // Token has been blacklisted
} catch (NonceUsedException $e) {
    // Token nonce has been used before (replay attack)
} catch (JwtValidationException $e) {
    // Other validation errors
} catch (JwtException $e) {
    // Generic JWT errors
}


use JuniorFontenele\LaravelSecureJwt\Facades\SecureJwt;

// Blacklist a token using the decoded JWT
SecureJwt::blacklist($decodedJwt->jti());

// Check if a token is blacklisted
$isBlacklisted = SecureJwt::isBlacklisted($decodedJwt->jti());

// Remove a token from the blacklist
SecureJwt::removeFromBlacklist($decodedJwt->jti());


use JuniorFontenele\LaravelSecureJwt\Facades\SecureJwt;
use JuniorFontenele\LaravelSecureJwt\JwtKey;

// Signing with private key
$signingKey = new JwtKey(
    id: 'key-1',
    key: file_get_contents('/path/to/private.key'),
    algorithm: 'RS256'
);

// Create a token
$token = SecureJwt::generateToken($customClaims, $signingKey);

// Verifying with public key
$verificationKey = new JwtKey(
    id: 'key-1',
    key: file_get_contents('/path/to/public.key'),
    algorithm: 'RS256'
);

$decodedJwt = SecureJwt::decode($token, $verificationKey);

bash
php artisan vendor:publish --tag="secure-jwt-config"