Download the PHP package l3aro/passportless-for-laravel without Composer

On this page you can find all versions of the php package l3aro/passportless-for-laravel. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package passportless-for-laravel

Passportless for Laravel

Latest Version on Packagist GitHub Tests Action Status GitHub Code Style Action Status Total Downloads

API token authentication for first-party Laravel apps — personal access tokens, optional refresh-token rotation, token sessions, and ability checks. No OAuth2 server.

Abilities are simple permission strings on access tokens. They are not OAuth scopes.

When to use

Use Passportless when… Prefer something else when…
Your Laravel app issues tokens for its own clients (mobile, CLI, internal API, server-to-server) You need a full OAuth2 authorization server → Laravel Passport
You want hashed access tokens + optional refresh rotation without OAuth clients/redirects You mainly need SPA session cookies with Laravel’s first-party stack → Laravel Sanctum is often enough
You want low ops: publish migrations, register a guard, protect routes You need third-party delegated access, authorization-code grants, or OAuth clients

Two client paths (same package):

  1. API / mobile / CLIAuthorization: Bearer {token} (this quick start)
  2. Browser SPA — optional HTTP-only cookies + CSRF → docs/browser-cookies.md

Quick start

1. Install

Optional config:

2. Register the guard

In config/auth.php:

Provider should already point at your user model (providers.users.model).

3. Add the trait

4. Issue a token and call your API

Protect a route:

Client request:

That’s the core loop.

Next steps

Guide Topic
API tokens Abilities, middleware, refresh pairs, logout, listing tokens
Browser cookies SPA HttpOnly cookies, SPA routes, CSRF, CORS
Multiple guards Users vs staff (separate identity models)
Configuration Expirations, reuse detection, cookie settings
Operations passportless:doctor, passportless:prune-stale
Testing Host-app test helpers
Docs index Full documentation map

Features

Comparison

Passportless Laravel Passport Laravel Sanctum
OAuth2 No Yes No
Best fit First-party API tokens (mobile, CLI, internal APIs) Third-party / delegated OAuth SPAs + simple personal access tokens
Ops cost Low High Low
Permissions Token abilities OAuth scopes Token abilities
Extras Refresh rotation, sessions, cookie helpers Full OAuth server SPA cookie auth, CSRF

Changelog

See CHANGELOG.

Contributing

See CONTRIBUTING.

Security Vulnerabilities

See our security policy.

Credits

License

The MIT License (MIT). See License File.


All versions of passportless-for-laravel with dependencies

PHP Build Version
Package Version
Requires php Version ^8.3
spatie/laravel-package-tools Version ^1.16
illuminate/contracts Version ^11.0||^12.0||^13.0
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package l3aro/passportless-for-laravel contains the following files

Loading the files please wait ...