Download the PHP package miladrahimi/larajwt without Composer
On this page you can find all versions of the php package miladrahimi/larajwt. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download miladrahimi/larajwt
More information about miladrahimi/larajwt
Files in miladrahimi/larajwt
Package larajwt
Short Description JWT authentication tools and guard for Laravel projects
License MIT
Homepage http://miladrahimi.github.io/larajwt
FAQ
Example:
In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
- Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
- To use Composer is sometimes complicated. Especially for beginners.
- Composer needs much resources. Sometimes they are not available on a simple webspace.
- If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
- Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Informations about the package larajwt
LaraJwt
Laravel JWT guard and authentication tools
This package is no longer maintained. You can use the laravel/passport package instead. Or you may use miladrahimi/php-jwt to create your custom jwt guard.
Documentation
Overview
LaraJwt is a Laravel package for generating JWT (JSON Web-based Token) from users and providing JWT guard for Laravel applications.
Installation
Add the package via Composer:
Then run the following command to generate jwt.php (the package config) in your Laravel config directory:
Notes on Installation
-
The package service provider will be automatically discovered by Laravel package discovery.
- The
JwtAuthalias forMiladRahimi\LaraJwt\Facades\JwtAuthwill be automatically registered.
Configuration
To configure the package open jwt.php file in your laravel config directory. This files consists of following items:
key: The secret key to sign the token, it uses your project key if you leave it empty.ttl: Time that token will be valid, token will be expired after this time (in seconds)issuer: Issuer claimaudience: Audience claimmodel_safe: Set it true if you have different authentication for different models with LaraJwt, it ensures that token belongs to related model defined in guard.
Generate JWT from Users
Use the method below to generate JWT from users or any other authenticable entities (models):
For example you may generate JWT from users in the sign-in process like this:
If you want to store more information like role in the token, you can pass them to the method this way:
Guards
Add as many as guard you need in your config/auth.php with jwt driver like this example:
Authenticated Routes
After configuring guards in config/auth.php you can protect routes by the defined guards.
In our example we can protect route like this:
- Your clients must send header
Authorization: Bearer <jwt>in their requests.
Authenticated User
To retrieve current user and his info in your application (controllers for example) you can do it this way:
Since LaraJwt caches user fetching it can authenticate users without touching database.
Retrieve User Manually
You may need to retrieve user from generated JWTs manually, no worry! just do it this way:
It uses default user provider to fetch the user, if you are using different provider you can pass it to the method as the second parameter like this:
Retrieve JWT Claims Manually
You my even go further and need to retrieve JWT claims manually, it has considered too.
The mentioned method returns associative array of claims with following structure:
Cache
LaraJwt caches retrieving users process , so after first successful authentication it remembers jwt as long as ttl which is set in config, you may clear this cache to force LaraJwt to re-run filters or re-fetch user model from database, to do so you can use the this method:
You can pass user model (Authenticable) or its primary key to the clearCache method.
Filters
Filters are runnable closures which will be called after parsing token and fetching user model.
For example if you have considered boolean property like is_active for users,
you probably want to check its value after authentication and raise some exception if it is false or change LaraJwt
normal process the way it be seemed authentication is failed.
You can register filters as many as you need, LaraJwt runs them one by one after authentication.
AuthServiceProvider seems a good place to register hooks.
The registerFilter takes a closure with one argument to get authenticated user and it should return the user if there
is no problem, it can return null if you want make the authentication failed.
Logout and JWT Invalidation
As mentioned with example above you can logout user with following method:
It takes one boolean parameter that is true in default and put the jwt in cached blacklist so the token won't be valid in next requests, but you can pass false to make it only logout current user and clear cache.
You can also invalidate tokens with JwtAuth facade and jti claim this way:
Exceptions
This exception would be thrown if you had not published the package config (mentioned in Installation section).
JWT vs Stored Tokens
You may consider simple database-stored tokens as the alternative for JWT for authenticating, So we have provided some differences and comparison for you.
Cons
- More HTTP overhead, generated tokens are long.
- Force logout is more complex and tricky (LaraJwt handles it for you).
Pros
- No need to database column for storing generated tokens.
- No database touch if you only need user id.
- Less database touch if you cache user fetching (LaraJwt does it for you).
Contribute
Any contribution will be appreciated :D
License
This package is released under the MIT License.
