PHPackages afiqiqmal/lara-pass-policy - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. afiqiqmal/lara-pass-policy ActiveLibrary[Authentication & Authorization](/categories/authentication) afiqiqmal/lara-pass-policy ========================== Laravel Password History 1.3.1(3mo ago)11.5k↑50%2[1 issues](https://github.com/afiqiqmal/lara-pass-policy/issues)MITPHPPHP ^7.4 || ^8.0 Since Oct 4Pushed 3mo ago2 watchersCompare [ Source](https://github.com/afiqiqmal/lara-pass-policy)[ Packagist](https://packagist.org/packages/afiqiqmal/lara-pass-policy)[ RSS](/packages/afiqiqmal-lara-pass-policy/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (10)Dependencies (9)Versions (13)Used By (0) Laravel Password Policy ======================= [](#laravel-password-policy) [![Latest Version on Packagist](https://camo.githubusercontent.com/8316e4a207575a2669aa197743ddbcb7f0fea287363c2772d54e70875d0a7a90/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f6166697169716d616c2f6c6172612d706173732d706f6c6963792e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/afiqiqmal/lara-pass-policy)[![Total Downloads](https://camo.githubusercontent.com/839e1be5a6cd83fdfe36f8f5ae394d627bb171cce091cf2762a5867cc093be04/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6166697169716d616c2f6c6172612d706173732d706f6c6963792e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/afiqiqmal/lara-pass-policy)[![Donate](https://camo.githubusercontent.com/604e3db9c8751116b3f765aad0353ec7ded655bbe8aaacbc38d8c4a6b784b3ed/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f446f6e6174652d50617950616c2d677265656e2e737667)](https://www.paypal.com/paypalme/mhi9388?locale.x=en_US) [![](https://camo.githubusercontent.com/159e768d13f45e62252c8d5f5cd11547d877dfedd5a4ebbf1e330ef827a24fae/68747470733a2f2f62616e6e6572732e6265796f6e64636f2e64652f4c61726150617373506f6c6963792e706e673f7468656d653d6461726b267061636b6167654d616e616765723d636f6d706f7365722b72657175697265267061636b6167654e616d653d6166697169716d616c2532466c6172612d706173732d706f6c696379267061747465726e3d646f6d696e6f73267374796c653d7374796c655f31266465736372697074696f6e3d266d643d312673686f7757617465726d61726b3d3026666f6e7453697a653d313030707826696d616765733d68747470732533412532462532466c61726176656c2e636f6d253246696d672532466c6f676f6d61726b2e6d696e2e737667)](https://camo.githubusercontent.com/159e768d13f45e62252c8d5f5cd11547d877dfedd5a4ebbf1e330ef827a24fae/68747470733a2f2f62616e6e6572732e6265796f6e64636f2e64652f4c61726150617373506f6c6963792e706e673f7468656d653d6461726b267061636b6167654d616e616765723d636f6d706f7365722b72657175697265267061636b6167654e616d653d6166697169716d616c2532466c6172612d706173732d706f6c696379267061747465726e3d646f6d696e6f73267374796c653d7374796c655f31266465736372697074696f6e3d266d643d312673686f7757617465726d61726b3d3026666f6e7453697a653d313030707826696d616765733d68747470732533412532462532466c61726176656c2e636f6d253246696d672532466c6f676f6d61726b2e6d696e2e737667) Installation ------------ [](#installation) You can install the package via composer: ``` composer require afiqiqmal/lara-pass-policy ``` You can publish and run the migrations with: ``` php artisan vendor:publish --provider="Afiqiqmal\LaraPassPolicy\LaraPassPolicyServiceProvider" --tag="migrations" php artisan migrate ``` You can publish the config file with: ``` php artisan vendor:publish --provider="Afiqiqmal\LaraPassPolicy\LaraPassPolicyServiceProvider" --tag="config" ``` Out of the box, this package provide a view (Blade and Vue templates) to allow users to change own password. If you want to customize the default page you can publish the views with: ``` php artisan vendor:publish --provider="Afiqiqmal\LaraPassPolicy\LaraPassPolicyServiceProvider" --tag="views" ``` and customize as you like in: - `resources/views/auth/verify-password-change.blade.php`, for standard stack (Blade templates) - `resource/js/Pages/Auth/VerifyPasswordChange.vue`, if your stack integrate [Inertia](https://inertiajs.com) Then, be sure to specify the view name in `config/lara-pass-policy.views.password-changed`. **NOTE:** Currently, only Vue stack are supported out of the box: for React/Svelte stack you must create a new page component in `resources/js/Pages/Auth`, just like the Vue page provided. Usage ----- [](#usage) #### Add `HasPasswordPolicy` trait to the authenticable model [](#add-haspasswordpolicy-trait-to-the-authenticable-model) #### Add `MustVerifyPasswordPolicy` interface to the authenticable model [](#add-mustverifypasswordpolicy-interface-to-the-authenticable-model) ``` class User extends Authenticable implements MustVerifyPasswordPolicy { use HasPasswordPolicy; ... ... } ``` #### Add Middleware [](#add-middleware) Add `EnsurePasswordIsChanged` middleware in `$routeMiddleware` ``` protected $routeMiddleware = [ ... 'password_changed' => EnsurePasswordIsChanged::class, ... ]; ``` so you can attach it to your routes: ``` // routes/web.php Route::middleware(['auth', 'password_changed'])->group(function () { return view('welcome'); }); ``` Translations. ------------- [](#translations) You may translate the package string messages (defined in config `lara-pass.messages`) adding the translated strings in `lang/.json` files. Environment settings. --------------------- [](#environment-settings) If you want to disable Password Policy on specific environment (ex: `local`) set to `false` this variable in `.env` file: ``` # Set to false to disable password policy. PASSWORD_POLICY_ENABLED=false ``` You may also customize the number of days before the passwords expire setting the variable in `.env` file: ``` # Set to false to disable password policy. PASSWORD_LIFETIME=30 ``` Validation rules. ----------------- [](#validation-rules) If you need to apply your own default password rules, you should define a `defaults` callback within the boot method of one of your application's service providers, as described in [Laravel docs](https://laravel.com/docs/master/validation#defining-default-password-rules): this package will validate new passwords against those defaults. --- Credits ------- [](#credits) - [Hafiq](https://github.com/afiqiqmal) - [All Contributors](../../contributors) License ------- [](#license) The MIT License (MIT). Please see [License File](LICENSE.md) for more information. [![](https://camo.githubusercontent.com/fae49c14c08b15cedc0f829bf690717f2edabe33f88a6c67f6f8f7225702abc6/68747470733a2f2f692e696d6775722e636f6d2f5932677172326a2e706e67)](https://www.paypal.com/paypalme/mhi9388?locale.x=en_US) ### Health Score 42 — FairBetter than 90% of packages Maintenance58 Moderate activity, may be stable Popularity22 Limited adoption so far Community14 Small or concentrated contributor base Maturity62 Established project with proven stability Bus Factor1 Top contributor holds 54.3% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~142 days Recently: every ~262 days Total 12 Last Release 114d ago PHP version history (2 changes)v1.0PHP ^7.4|^8.0 1.3.0PHP ^7.4 || ^8.0 ### Community Maintainers ![](https://www.gravatar.com/avatar/1285084ec2d00e6c1442d03992cd156772da7267efdcbe59ac913c0676a9eb89?d=identicon)[afiqiqmal](/maintainers/afiqiqmal) --- Top Contributors [![massiws](https://avatars.githubusercontent.com/u/6533289?v=4)](https://github.com/massiws "massiws (25 commits)")[![afiqiqmal](https://avatars.githubusercontent.com/u/9051312?v=4)](https://github.com/afiqiqmal "afiqiqmal (9 commits)")[![mywira](https://avatars.githubusercontent.com/u/108710869?v=4)](https://github.com/mywira "mywira (8 commits)")[![mcspe](https://avatars.githubusercontent.com/u/122383850?v=4)](https://github.com/mcspe "mcspe (4 commits)") --- Tags hacktoberfesthacktoberfest2021laravelpassword-manager ### Code Quality TestsPest Static AnalysisPsalm Type Coverage Yes ### Embed Badge ![Health badge](/badges/afiqiqmal-lara-pass-policy/health.svg) ``` [![Health](https://phpackages.com/badges/afiqiqmal-lara-pass-policy/health.svg)](https://phpackages.com/packages/afiqiqmal-lara-pass-policy) ``` ### Alternatives [tymon/jwt-auth JSON Web Token Authentication for Laravel and Lumen 11.5k49.1M350](/packages/tymon-jwt-auth)[spatie/laravel-permission Permission handling for Laravel 12 and up 12.9k89.8M1.0k](/packages/spatie-laravel-permission)[php-open-source-saver/jwt-auth JSON Web Token Authentication for Laravel and Lumen 8359.8M53](/packages/php-open-source-saver-jwt-auth)[bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth)[laragear/two-factor On-premises 2FA Authentication for out-of-the-box. 339785.3k8](/packages/laragear-two-factor) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)