Airlock Laravel Package

• [4.x] Supports Laravel 13 by [@crynobone](https://github.com/crynobone) in https://github.com/laravel/sanctum/pull/587

• Add optional last_used_at tracking configuration by [@MElkmeshi](https://github.com/MElkmeshi) in https://github.com/laravel/sanctum/pull/583
• [4.x] Fix tests by [@jackbayliss](https://github.com/jackbayliss) in https://github.com/laravel/sanctum/pull/584
• [4.x] Fix failing test on Laravel > 11 by [@jackbayliss](https://github.com/jackbayliss) in https://github.com/laravel/sanctum/pull/585
• [4.x] Use property promotion by [@jackbayliss](https://github.com/jackbayliss) in https://github.com/laravel/sanctum/pull/586

• Allow nullable $passwordHash by [@BnitoBzh](https://github.com/BnitoBzh) in https://github.com/laravel/sanctum/pull/582

• Allow null password hash by [@patrickomeara](https://github.com/patrickomeara) in https://github.com/laravel/sanctum/pull/581

• Support HMAC password hash format from Laravel 12.45.0+ by [@ams-ryanolson](https://github.com/ams-ryanolson) in https://github.com/laravel/sanctum/pull/578

• [4.x] Remove [@return](https://github.com/return) docblocks on constructors by [@CasEbb](https://github.com/CasEbb) in https://github.com/laravel/sanctum/pull/575
• [4.x] PHP 8.5 Compatibility by [@crynobone](https://github.com/crynobone) in https://github.com/laravel/sanctum/pull/576

• [Refactor] Add indexes to personal_access_tokens by [@keshav-k3](https://github.com/keshav-k3) in https://github.com/laravel/sanctum/pull/571

• [4.x] Factor token last_used_at update into separate method by [@cosmastech](https://github.com/cosmastech) in https://github.com/laravel/sanctum/pull/567
• refactor: use text for name column by [@reidsolon](https://github.com/reidsolon) in https://github.com/laravel/sanctum/pull/570

• Fixes inconsistency in Sanctum::currentApplicationUrlWithPort() and Sanctum::currentRequestHost() by [@denjaland](https://github.com/denjaland) in https://github.com/laravel/sanctum/pull/565

• Update logo by [@iamdavidhill](https://github.com/iamdavidhill) in https://github.com/laravel/sanctum/pull/562
• Feature to treat same domain requests to be from frontend and make stateful by [@denjaland](https://github.com/denjaland) in https://github.com/laravel/sanctum/pull/564

• Supports Laravel 12 by [@crynobone](https://github.com/crynobone) in https://github.com/laravel/sanctum/pull/556

• [4.x] Add tokenCant() helper function to HasApiTokens by [@chester-sykes](https://github.com/chester-sykes) in https://github.com/laravel/sanctum/pull/552

• Add leading slash to [@template](https://github.com/template) tag in HasTokens by [@omnicolor](https://github.com/omnicolor) in https://github.com/laravel/sanctum/pull/550

• [4.x] Supports PHP 8.4 by [@crynobone](https://github.com/crynobone) in https://github.com/laravel/sanctum/pull/542
• [4.x] Remove generic requirement that token is an instance of a Model by [@cosmastech](https://github.com/cosmastech) in https://github.com/laravel/sanctum/pull/549

• [4.x] Add Generics to HasApiTokens by [@cosmastech](https://github.com/cosmastech) in https://github.com/laravel/sanctum/pull/544
• [4.x] Add generics by [@cosmastech](https://github.com/cosmastech) in https://github.com/laravel/sanctum/pull/545

• Fix: Cast Model Key to Integer for PostgreSQL Performance Improvement by [@BakhadyrovF](https://github.com/BakhadyrovF) in https://github.com/laravel/sanctum/pull/524
• Revert "Fix: Cast Model Key to Integer for PostgreSQL Performance Improvement" by [@driesvints](https://github.com/driesvints) in https://github.com/laravel/sanctum/pull/526
• Replace dead link in Security Policy by [@Jubeki](https://github.com/Jubeki) in https://github.com/laravel/sanctum/pull/528
• Update logo to support dark/light theme by [@milewski](https://github.com/milewski) in https://github.com/laravel/sanctum/pull/536

• Fix/unable to logout by [@GigaGiorgadze](https://github.com/GigaGiorgadze) in https://github.com/laravel/sanctum/pull/511

• [4.x] Make commands lazy by [@timacdonald](https://github.com/timacdonald) in https://github.com/laravel/sanctum/pull/502

• [4.x] Adds Laravel 11 support by [@nunomaduro](https://github.com/nunomaduro) in https://github.com/laravel/sanctum/pull/480
• Matching method to contract for createToken() by [@gammamatrix](https://github.com/gammamatrix) in https://github.com/laravel/sanctum/pull/498

• Updated CsrfCookieController to use named arguments by [@OussamaMater](https://github.com/OussamaMater) in https://github.com/laravel/sanctum/pull/487
• Extract generate token method by [@mowangjuanzi](https://github.com/mowangjuanzi) in https://github.com/laravel/sanctum/pull/488

• Fix typo in config by [@cosmastech](https://github.com/cosmastech) in https://github.com/laravel/sanctum/pull/476
• Accept null as a parameter for Sanctum[[@getAccessTokenFromRequestUsing](https://github.com/getAccessTokenFromRequestUsing)](https://github.com/getAccessTokenFromRequestUsing)() by [@cosmastech](https://github.com/cosmastech) in https://github.com/laravel/sanctum/pull/477

• Re-arrange middleware by [@taylorotwell](https://github.com/taylorotwell) in https://github.com/laravel/sanctum/commit/d1f8bf7f2bdc39ba2a11f1d067b96d31d18246c8

• Use crc32b instead of crc32 by [@marzvrover](https://github.com/marzvrover) in https://github.com/laravel/sanctum/pull/468
• Ensure device has not been logged out by [@crynobone](https://github.com/crynobone) in https://github.com/laravel/sanctum/pull/467
• Do not prefix by default by [@taylorotwell](https://github.com/taylorotwell) https://github.com/laravel/sanctum/commit/95a0181900019e2d79acbd3e2ee7d57e3d0a086b

• Make tokens identifiable with prefix and checksum by [@marzvrover](https://github.com/marzvrover) in https://github.com/laravel/sanctum/pull/459
• Add deprecated annotation in MissingScopeException by [@hungthai1401](https://github.com/hungthai1401) in https://github.com/laravel/sanctum/pull/462

• Fix middleware by @taylorotwell in https://github.com/laravel/sanctum/commit/8ebda85d59d3c414863a7f4d816ef8302faad876

• Check for validate CSRF token by @taylorotwell in https://github.com/laravel/sanctum/commit/f5bae6156c760545f368438198327e2609ba7bf1

• Revert "check for validate csrf token middleware" by @driesvints in https://github.com/laravel/sanctum/commit/6281ce796d464592867f768eb890642aa1954bd0

• Check for validate csrf token middleware by @taylorotwell in https://github.com/laravel/sanctum/commit/bbcb052de3fe075a67446e8c5c8ffcb191a1fb24

Fixed

• Fix bearer token format validation by @krasucki in https://github.com/laravel/sanctum/pull/417

Added

• Laravel v10 Support by @driesvints in https://github.com/laravel/sanctum/pull/415

Changed

• Uses PHP Native Type Declarations 🐘 by @nunomaduro in https://github.com/laravel/sanctum/pull/405

Changed

• Update migration's primary identifier change by @suyar in https://github.com/laravel/sanctum/pull/386
• Prune expires_at tokens by @iruoy in https://github.com/laravel/sanctum/pull/385

Added

• Expiration dates for tokens by @bjhijmans in https://github.com/laravel/sanctum/pull/252

Changed

• Improves console output by @nunomaduro in https://github.com/laravel/sanctum/pull/382
• Shorter tokens by @taylorotwell in https://github.com/laravel/sanctum/commit/c46fc083ab52f2ddac97ee4510486f90fc94f220

Removed

• Drop old Laravel and PHP versions by @driesvints in https://github.com/laravel/sanctum/pull/378

Changed

• Use app helper (60f2809)

Changed

• Environment APP_URL added into the default sanctum.stateful configuration (#264)

Fixed

• Changed Primary Key will not be used in created token's plainTextToken (#262)

Fixed

• Avoid running string functions when domain is null (#258)

Added

• Add multiple guard support for SPA auth (#246, f5695ae)

Fixed

• Return json response when the request expects a json (#247)

Fixed

• Fix user provider in sanctum guard (#225)

Changed

• Add default nextjs address to stateful (e86d3e0)

Added

• PHP 8 Support (#213)

Added

• Adds origin header fallback (#204)

Changed

• Shorten tokens (#186)

Added

• Laravel 8 support (#184)

Fixed

• Use the correct Str::endsWith parameter order (#163)

Fixed

• Fix default statefull domains (#158, 2aac713)

Added

• Added Multiple Provider Support (#149)

Fixed

• Fixed Host Problem (#155)

Fixed

• EncryptCookies middleware option in config/sanctum.php (#147)

Added

• Add routes config option (6cf798f)

Fixed

• 419 Exception with requests without referrer (#139)

Changed

• More performant tokens lookup (#136)

Fixed

• No need to specify a provider (#129)

Added

• Allow customizing the query used to get the token (#124)

Changed

• Added custom auth token header support by @CodesignDev in https://github.com/laravel/sanctum/pull/354

Added

• Add sanctum:prune-expired command for removing expired tokens. by @yuraplohov in https://github.com/laravel/sanctum/pull/348

Fixed

• Add exit codes to command by @driesvints in https://github.com/laravel/sanctum/pull/351

Changed

• Use config function by @taylorotwell in commit

Changed

• Add helper for current app url with port (5702317)

Changed

• Laravel 9 support (#329)

Added

• Add an event on successful token validation (#327, b656bc1)

Changed

• Add guard to config (f811d5c)

Changed

• Rename CheckScopes and CheckForAnyScope to CheckAbilities and CheckForAnyAbility (#312)

Added

• Add CheckScopes and CheckForAnyScope Middleware (#310)

Fixed

• Revert "fix: replace hardcoded "web" guard by config('sanctum.guard')" (#309)

Fixed

• Replace hardcoded "web" guard by config('sanctum.guard') (#307)

Fixed

• Ignore updating last_used_at for deciding the DB connection host (#283, 2c8b9a1)
• Fix resolving wrong app instance on Octane (#285, #286)

Changed

• Only parse APP_URL for default stateful domains when it's set (#279)

Added

• Sanctum::$accessTokenAuthenticationCallback callback for more granular control over access token validation (#275, 9c07921, #276)

Added

• Add HasApiTokens contract to complement trait (#270)

Fixed

• Enhance supportsTokens check (#123)

Fixed

• actingAs any ability (#120)

Added

• Make the guard configurable (#110)

Changed

• Renamed package to Sanctum

Fixed

• Allow localhost ip access by default (#81)
• Update minimum Laravel version to ^6.9 (#89)
• Fix wildcard matching (d8de232, 9a66e76)

First stable release.

Changed

• Allow .env configuration of stateful domains (#70)

Added

• Added user mocking using actingAs (#51)
• Add a CSRF middleware config variable (#54, 4f77acd, 7df454d)

Changed

• Modify PersonalAccessToken Model to be polymorphic (#49)

Initial commit.