PHP code example of kz370 / jwt-auth

1. Go to this page and download the library: Download kz370/jwt-auth library. Choose the download type require.

2. Extract the ZIP file and open the index.php.

3. Add this code to the index.php.
    
        
<?php
require_once('vendor/autoload.php');

/* Start to develop here. Best regards https://php-download.com/ */

    

kz370 / jwt-auth example snippets


use Kz370\JwtAuth\Traits\HasJwtAuth;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use HasJwtAuth;
    
    // ...
}

'user_model' => App\Models\Admin::class,

// config/auth.php
'guards' => [
    'jwt' => [
        'driver' => 'jwt',
        'provider' => 'users',
    ],
    'admin-jwt' => [
        'driver' => 'jwt',
        'provider' => 'admins',
    ],
],

'providers' => [
    'users' => [
        'driver' => 'eloquent',
        'model' => App\Models\User::class,
    ],
    'admins' => [
        'driver' => 'eloquent',
        'model' => App\Models\Admin::class,
    ],
],

Route::middleware('auth:admin-jwt')->get('/admin/profile', ...);

// config/jwt-auth.php
'override_default_guard' => true,

// routes/api.php
Route::middleware('jwt.auth')->get('/user', function (Request $request) {
    return $request->user();
});

Route::middleware('jwt.refresh')->post('/refresh', [AuthController::class, 'refresh']);

use Kz370\JwtAuth\Facades\JwtAuth;

public function login(Request $request) 
{
    // ... your validation logic ...
    $user = User::where('email', $request->email)->first();

    // Replace $user->createToken('...')->plainTextToken with:
    // Simplified: IP and User-Agent are detected automatically
    // You can just pass the device name as a string:
    $tokens = JwtAuth::login($user, 'iPhone 15 Pro');

    // $tokens content: ['access_token', 'refresh_token', 'expires_in', ...]
    return response()->json($tokens);
}

use Kz370\JwtAuth\Facades\JwtAuth;

public function login(Request $request)
{
    $credentials = $request->only('email', 'password');
    
    // Choose your preferred syntax:
    
    // 1. Fully Automatic (detects IP and UA, sets device to null)
    $tokens = JwtAuth::attempt($credentials);

    // 2. Simplified Device Name (detects IP and UA automatically)
    $tokens = JwtAuth::attempt($credentials, 'iPhone 15 Pro');

    // 3. Full Manual Control
    $tokens = JwtAuth::attempt($credentials, [
        'device_name' => 'MacBook Pro',
        'ip_address'  => '1.1.1.1'
    ]);

    if (!$tokens) {
        return response()->json(['error' => 'Unauthorized'], 401);
    }

    return response()->json($tokens);
}

public function refresh(Request $request)
{
    $tokens = JwtAuth::refresh($request->refresh_token);

    if (!$tokens) {
        return response()->json(['error' => 'Invalid or expired token'], 401);
    }

    return response()->json($tokens);
}

public function logout(Request $request)
{
    $revoked = JwtAuth::logout($request->refresh_token);
    
    if (!$revoked) {
        return response()->json(['message' => 'Invalid or already revoked token'], 401);
    }

    return response()->json(['message' => 'Logged out successfully']);
}

// List all active sessions for a user
$sessions = JwtAuth::getDevices($userId);

// Revoke a specific session
JwtAuth::revokeDevice($userId, $sessionId);

// Global Logout: Revoke all sessions for a user
JwtAuth::logoutAll($userId);

// Revoke all OTHER sessions (stay logged in on current device)
JwtAuth::logoutOthers($currentRefreshToken);

// routes/console.php
use Illuminate\Support\Facades\Schedule;
Schedule::command('jwt:cleanup')->daily();
bash
php artisan migrate
bash
php artisan vendor:publish --tag=jwt-auth-config
bash
php artisan jwt:secret