Code Weaver

Helps Laravel developers discover, compare, and choose open-source packages. See popularity, security, maintainers, and scores at a glance to make better decisions.

Jwt Auth Laravel Package

tymon/jwt-auth

Laravel JWT authentication package providing token issuing, parsing, refresh, and invalidation using JSON Web Tokens. Integrates with Laravel guards/middleware, supports custom claims and multiple auth providers, and includes docs and testing support.

View on GitHub

Deep Wiki

Context7

2.3.0

What's Changed

feat: Allow lcobucci/jwt v5
feat: Support Laravel 13 by @tymondesigns in https://github.com/tymondesigns/jwt-auth/pull/2299
chore: Inherit Doc by @ChinaMoli in https://github.com/tymondesigns/jwt-auth/pull/2292

New Contributors

@ChinaMoli made their first contribution in https://github.com/tymondesigns/jwt-auth/pull/2292

Full Changelog: https://github.com/tymondesigns/jwt-auth/compare/2.2.1...2.3.0

2.2.1

What's Changed

fix: Carbon 3 diffInMinutes by @tymondesigns and @ThinhNdv in https://github.com/tymondesigns/jwt-auth/pull/2287

Full Changelog: https://github.com/tymondesigns/jwt-auth/compare/2.2.0...2.2.1

2.2.0

What's Changed

Add support for PHP 8.4 and Carbon 3 by @vbergerondev in https://github.com/tymondesigns/jwt-auth/pull/2280
chore: Allow Laravel 12 and other improvements by @tymondesigns in https://github.com/tymondesigns/jwt-auth/pull/2282

New Contributors

@vbergerondev made their first contribution in https://github.com/tymondesigns/jwt-auth/pull/2280

Full Changelog: https://github.com/tymondesigns/jwt-auth/compare/2.1.1...2.2.0

2.1.1

What's Changed

Add support for Carbon 3.X by @RBFraphael in https://github.com/tymondesigns/jwt-auth/pull/2247

New Contributors

@RBFraphael made their first contribution in https://github.com/tymondesigns/jwt-auth/pull/2247

Full Changelog: https://github.com/tymondesigns/jwt-auth/compare/2.1.0...2.1.1

2.1.0

What's Changed

feat: Add Laravel 11 compatibility by @tymondesigns in https://github.com/tymondesigns/jwt-auth/pull/2243
:sparkles: Add new getter for JWT's factory by @kingkero in https://github.com/tymondesigns/jwt-auth/pull/2233

New Contributors

@kingkero made their first contribution in https://github.com/tymondesigns/jwt-auth/pull/2233

Full Changelog: https://github.com/tymondesigns/jwt-auth/compare/2.0.0...2.1.0

2.0.0

:sparkles: Improvements

Compatibility with Laravel 9 & 10 (Laravel 9 was previously done but not tagged)
Move to GH actions

1.0.2

:sparkles: Improvements

Prevent installation of lcobucci/jwt 3.4 and above due to breaking deprecation notice in laravel https://github.com/tymondesigns/jwt-auth/issues/2059

1.0.1

:sparkles: Improvements

Compatible with Laravel 8

1.0.0

:sparkles: Improvements

Compatible with Laravel 7

:boom: Breaking changes

Drop support for Laravel 5.1
Drop support for Cartalyst Sentinel

1.0.0-rc.5.1

:bug: Bug fixes

Fix for php 7.3 when defining persistent claims that do not exist

1.0.0-rc.5

:sparkles: Improvements

Compatible with Laravel 6 (4908d376687bc836e463d851a842d5f0c1c8f494)
Added "always-no" option to secret generate command (59421160e5713f14972a72edce7c63ba6a1e3332)

1.0.0-rc.4.1

:bug: Bug fixes

Do not add to blacklist if it already exists (63698d304554e5d0bc3eb481cc260a9fc900e151)
Fix issue with php 5 (1ce697e1fa280bf22196bc397b324bc9997b90b3)

1.0.0-rc.4

:sparkles: Improvements

Compatible with Laravel 5.8 (34d8e48b2a3dd779f37e53fcb76f37e69e8cdd25)
Compatible with Carbon 2 (8dfa7952bf752ea1867fcb038a92e01e4b0d8668)

:bug: Bug fixes

Allow nbf claim to be in the future (b860a4ca219d6d76374445cffd9836b1bd1db9a6)

:art: Other

Increase generated secret key length in jwt:secret command to 64 characters (f72b8eb0deff2c002d40a8b0411a546c28ebec98)

1.0.0-rc.3

:sparkles: Improvements

Compatible with Laravel 5.7 (#1655)
Added JWTProvider (#1505)
JWTGuard is now macroable (#1604)
Reset claims collection when creating a payload (#1589)

:art: Other

JWTAuth also respects the lock_subject config (#1545)

👍 Huge thank you to everyone who contributed to this release!

ℹ️ The next release will be 1.0.0 and I will be stepping up activity on this repo very soon. Thanks for bearing with me 🙏

1.0.0-rc.2

:sparkles: Improvements

Compatible with Laravel 5.6
Add config option for lock_subject, allowing the removal of the prv claim, if you don't have multiple guards (7c1d58e294b255c4afa31c121b11b947e8699cbe)
Add ability to specify leeway to help with clock skew (#1453)
Add lcobucci jwt provider, since namshi/jose has been abandoned (#1453)
Cookies can now be decrypted (#1363)

:bug: Fixes

Fix jwt:secret command

:art: Other

Tested on php 7.2
Tons of other improvements, including code style fixes and even more test coverage

:boom: Breaking changes

auth()->getToken() now returns null instead of false if the token is not present.

👍 Huge thank you to everyone who contributed to this release!

1.0.0-rc.1

:sparkles: Improvements

Compatible with Laravel 5.5 💥 (#1278) (#1255)
Support for multiple guards (#1167)
More sensible order of claim overrides (#1222)

:bug: Fixes

Fix for Lumen empty request issue (#1243)
Fix jwt:secret command not returning when it should (5b4785e45671a45fdb23d3b3df5c9c31681d547c)

:art: Other

Adding code of conduct
Tons of other improvements, including code style fixes and even more test coverage

Full docs will be ready for the final 1.0.0 release

👍 Huge thank you to everyone who contributed to this release!

@lucasmichot @cappuc @crynobone @miscbits @MitchellMcKenna @KennedyTedesco @DanielMcAssey @hughsaffar @nachodd

0.5.12

Update namshi/jose dependency to fix issues with phpseclib
Fix laravel 5.4 compatibility in service provider

0.5.11

jti claim is now totally random as per the develop branch

1.0.0-beta.3

includes some important fixes along with some minor tweaks and improvements

1.0.0-beta.2

fixes issue from previous release

0.5.10

1.0.0-beta.1

1.0.0-alpha.3

1.0.0-alpha.2

1.0.0-alpha1

Tagging an alpha version of the next release.

No documentation just yet (soon) so only use if you know what you're doing :smile:

Will populate here with a quick start soon too

0.5.9

Doh!... I added the incorrect config paths

0.5.8

Very small patch release...

removing closures from config as this breaks laravel's config caching

0.5.7

Some bug fixes brought over from develop branch.

Allow Auth exceptions to bubble up to the surface (948518e1bc4752ab1f8fda78d8a615673d7ee6ef)
Improve testing mock stability (20185f7bfa94ed0ddf4934c755cd795479eee148)
Enabling blacklisting of expired-but-refreshable tokens (7b89b50da7b50d1e2608cfe060490d396f2f0d6a)
Other small improvements and tweaks

0.5.6

Some people expressed the need for this patch, so just a quick release whilst 0.6 is still cooking.

Casting nbf, exp & iat claims to int

0.5.5

adding typ back into the JWT header

0.5.4

Nothing major here, just ensuring branches and releases are in-sync.

Now ensures tokens are interoperable - see #126
small cs-fixes

Weaver

How can I help you explore Laravel packages today?

Conversation history is not saved when not logged in.

Add packages to context

No packages found.

davejamesmiller/laravel-breadcrumbs

artisanry/parsedown

christhompsontldr/phpsdk

enqueue/dsn

bunny/bunny

enqueue/test

enqueue/null

enqueue/amqp-tools

milesj/emojibase

bower-asset/punycode

bower-asset/inputmask

bower-asset/jquery

bower-asset/yii2-pjax

laravel/nova

spatie/laravel-mailcoach

spatie/laravel-superseeder

laravel/liferaft

nst/json-test-suite

danielmiessler/sec-lists

jackalope/jackalope-transport