Weave Code
Code Weaver
Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.
Feedback
Share your thoughts, report bugs, or suggest improvements.
Subject
Message
Log in Register
Home
Packages
Jwt Auth
Docs

Jwt Auth Laravel Package

tymon/jwt-auth

Laravel JWT authentication package providing token issuing, parsing, refresh, and invalidation using JSON Web Tokens. Integrates with Laravel guards/middleware, supports custom claims and multiple auth providers, and includes docs and testing support.

View on GitHub
Deep Wiki
Context7

Methods

The following methods are available on the Auth guard instance.

Multiple Guards

If the newly created 'api' guard is not set as a default guard or you have defined multiple guards to handle authentication, you should specify the guard when calling auth().

  $token = auth('api')->attempt($credentials);

attempt()

Attempt to authenticate a user via some credentials.

// Generate a token for the user if the credentials are valid
$token = auth()->attempt($credentials);

This will return either a jwt or null

login()

Log a user in and return a jwt for them.

// Get some user from somewhere
$user = User::first();

// Get the token
$token = auth()->login($user);

user()

Get the currently authenticated user.

// Get the currently authenticated user
$user = auth()->user();

If the user is not then authenticated, then null will be returned.

userOrFail()

Get the currently authenticated user or throw an exception.

try {
    $user = auth()->userOrFail();
} catch (\Tymon\JWTAuth\Exceptions\UserNotDefinedException $e) {
    // do something
}

If the user is not set, then a Tymon\JWTAuth\Exceptions\UserNotDefinedException will be thrown

logout()

Log the user out - which will invalidate the current token and unset the authenticated user.

auth()->logout();

// Pass true to force the token to be blacklisted "forever"
auth()->logout(true);

refresh()

Refresh a token, which invalidates the current one

$newToken = auth()->refresh();

// Pass true as the first param to force the token to be blacklisted "forever".
// The second parameter will reset the claims for the new token
$newToken = auth()->refresh(true, true);

invalidate()

Invalidate the token (add it to the blacklist)

auth()->invalidate();

// Pass true as the first param to force the token to be blacklisted "forever".
auth()->invalidate(true);

tokenById()

Get a token based on a given user's id.

$token = auth()->tokenById(123);

payload()

Get the raw JWT payload

$payload = auth()->payload();

// then you can access the claims directly e.g.
$payload->get('sub'); // = 123
$payload['jti']; // = 'asfe4fq434asdf'
$payload('exp') // = 123456
$payload->toArray(); // = ['sub' => 123, 'exp' => 123456, 'jti' => 'asfe4fq434asdf'] etc

validate()

Validate a user's credentials

if (auth()->validate($credentials)) {
    // credentials are valid
}

More advanced usage

Adding custom claims

$token = auth()->claims(['foo' => 'bar'])->attempt($credentials);

Set the token explicitly

$user = auth()->setToken('eyJhb...')->user();

Set the request instance explicitly

$user = auth()->setRequest($request)->user();

Override the token ttl

$token = auth()->setTTL(7200)->attempt($credentials);
Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.
Prompt
Add packages to context
No packages found.
hamzi/corewatch
minionfactory/raw-hydrator
hexters/coinpayment
rjcodes/rjcms
act-training/laravel-permissions-manager
alimarchal/laravel-chart-of-accounts
babenkoivan/elastic-scout-driver
mkwebdesign/filament-watchdog-v5
renatomarinho/laravel-page-speed
zedmagdy/filament-business-hours
renatovdemoura/blade-elements-ui
devgeek/beacon-admin
benjamin-rqt/data-watcher-bundle
atriumphp/atrium
sandermuller/package-boost-laravel
sandermuller/boost-skills
redaxo/core
yusufgenc/filament-api-forge
l3aro/rating-star-for-filament
leek/filament-subtenant-scope