PHPackages antarctica/laravel-token-blacklist - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. antarctica/laravel-token-blacklist ActiveLibrary[Authentication & Authorization](/categories/authentication) antarctica/laravel-token-blacklist ================================== Enables API tokens to be marked as invalid until natural expiry within Laravel. v0.1.3.1(11y ago)1761MITPHPPHP >=5.4.0 Since Jan 7Pushed 11y ago2 watchersCompare [ Source](https://github.com/antarctica/laravel-token-blacklist)[ Packagist](https://packagist.org/packages/antarctica/laravel-token-blacklist)[ RSS](/packages/antarctica-laravel-token-blacklist/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (6)Versions (6)Used By (1) Laravel Token Blacklist ======================= [](#laravel-token-blacklist) Enables API tokens to be marked as invalid until natural expiry within Laravel. This package is designed not to depend on any particular auth token package (with the exception that tokens are strings). However, by default this package will rely on the [antarctica/laravel-auth-token](https://github.com/antarctica/laravel-auth-token) package to provide a working implementation out of the box. This package is designed not to rely on any particular storage mechanism to record details of blacklisted tokens. However, by default this package will reply on an [Eloquent](http://laravel.com/docs/4.2/eloquent) model with an underlying `blacklisted_token` database. Again this is to provide a working implementation out of the box. It is possible to provide your own implementation for token handling and for storing details of blacklisted tokens. Installing ---------- [](#installing) Require this package in your `composer.json` file: ``` { "require": { "antarctica/laravel-token-blacklist": "0.*" } } ``` Run `composer update`. Register the service provider in the `providers` array of your `app/config/app.php` file: ``` 'providers' => array( 'Antarctica\LaravelTokenBlacklist\LaravelTokenBlacklistServiceProvider', ) ``` ### Package dependency note [](#package-dependency-note) This package depends on the [Indatus/dispatcher](https://github.com/Indatus/dispatcher) package - which replies on OS level support (enabling a cron job). As per [BASWEB-114](https://jira.ceh.ac.uk/browse/BASWEB-114) if using the [antarctica/laravel](https://github.com/antarctica/ansible-laravel) Ansible role to provision the underlying infrastructure on which the app using this package is required, it is necessary to require this package in the app `composer.json` file. i.e. ``` { "require": { "indatus/dispatcher": "1.4.*@dev" } } ``` Composer will resolve the package requirements in exactly the same way, this change is only needed so Ansible is aware this package is used and that OS support should be provided for its use. ### Usage [](#usage) #### Basic usage [](#basic-usage) These steps assume the use of the default token implementation (provided by the `antarctica/laravel-token-auth` package) and storage implementation (using the bundled Eloquent model). To use alternatives see the *custom usage* section. Create the required database table using the package migration: ``` php artisan migrate --package="antarctica/laravel-token-blacklist" ``` Finished. ##### Ongoing maintenance [](#ongoing-maintenance) The package will create a scheduled task ran, by default, every day at midnight. This task will automatically clear out any blacklisted tokens that have naturally expired and would be rejected anyway. To run this maintenance command manually: ``` php artisan auth-tokens:delete-expired-blacklisted-tokens ``` #### Custom implementation [](#custom-implementation) You can replace the default token and/or storage implementation as required. ##### Custom *token* implementation [](#custom-token-implementation) Note: This currently isn't supported, but will be in future versions of the package \[See BASWEB-118 for details\]. ##### Custom *storage* implementation [](#custom-storage-implementation) Custom storage implementations must implement the `TokenBlacklistRepositoryInterface` interface, which is commented and hopefully self descriptive. The `TokenBlacklistRepositoryEloquent` implementation can act as a working example. Use a custom implementation first publish this package's configuration: ``` php artisan config:publish antarctica/laravel-token-blacklist ``` Then set the `repository` key to the custom implementation. E.g. ``` 'repository' => 'Antarctica\LaravelTokenBlacklist\Repository\TokenBlacklistRepositoryEloquent' ``` Contributing ------------ [](#contributing) This project welcomes contributions, see `CONTRIBUTING` for our general policy. Developing ---------- [](#developing) To aid development and keep your local computer clean, a VM (managed by Vagrant) is used to create an isolated environment with all necessary tools/libraries available. ### Requirements [](#requirements) - Mac OS X - Ansible `brew install ansible` - [VMware Fusion](http://vmware.com/fusion) - [Vagrant](http://vagrantup.com) `brew cask install vmware-fusion vagrant` - [Host manager](https://github.com/smdahlen/vagrant-hostmanager) and [Vagrant VMware](http://www.vagrantup.com/vmware) plugins `vagrant plugin install vagrant-hostmanager && vagrant plugin install vagrant-vmware-fusion` - You have a private key `id_rsa` and public key `id_rsa.pub` in `~/.ssh/` - You have an entry like \[1\] in your `~/.ssh/config` \[1\] SSH config entry ``` Host bslweb-* ForwardAgent yes User app IdentityFile ~/.ssh/id_rsa Port 22 ``` ### Provisioning development VM [](#provisioning-development-vm) VMs are managed using Vagrant and configured by Ansible. ``` $ git clone ssh://git@stash.ceh.ac.uk:7999/basweb/laravel-token-blacklist.git $ cp ~/.ssh/id_rsa.pub laravel-token-blacklist/provisioning/public_keys/ $ cd laravel-token-blacklist $ ./armadillo_standin.sh $ vagrant up $ ssh bslweb-laravel-token-blacklist-dev-node1 $ cd /app $ composer install $ logout ``` ### Committing changes [](#committing-changes) The [Git flow](laravel-token-blacklist) workflow is used to manage development of this package. Discrete changes should be made within *feature* branches, created from and merged back into *develop* (where small one-line changes may be made directly). When ready to release a set of features/changes create a *release* branch from *develop*, update documentation as required and merge into *master* with a tagged, [semantic version](http://semver.org/) (e.g. `v1.2.3`). After releases the *master* branch should be merged with *develop* to restart the process. High impact bugs can be addressed in *hotfix* branches, created from and merged into *master* directly (and then into *develop*). ### Issue tracking [](#issue-tracking) Issues, bugs, improvements, questions, suggestions and other tasks related to this package are managed through the BAS Web & Applications Team Jira project ([BASWEB](https://jira.ceh.ac.uk/browse/BASWEB)). ### Clean up [](#clean-up) To remove the development VM: ``` vagrant halt vagrant destroy ``` The `laravel-token-blacklist` directory can then be safely deleted as normal. License ------- [](#license) Copyright 2015 NERC BAS. Licensed under the MIT license, see `LICENSE` for details. ### Health Score 25 — LowBetter than 37% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity11 Limited adoption so far Community10 Small or concentrated contributor base Maturity52 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~1 days Total 5 Last Release 4137d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/6cf29a08b30c4f568f3b00f16bdb420ad2bc14efa856cf9e50f137216abf1682?d=identicon)[felnne](/maintainers/felnne) --- Top Contributors [![felnne](https://avatars.githubusercontent.com/u/7847612?v=4)](https://github.com/felnne "felnne (50 commits)") ### Embed Badge ![Health badge](/badges/antarctica-laravel-token-blacklist/health.svg) ``` [![Health](https://phpackages.com/badges/antarctica-laravel-token-blacklist/health.svg)](https://phpackages.com/packages/antarctica-laravel-token-blacklist) ``` ### Alternatives [bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth)[olssonm/l5-very-basic-auth Laravel stateless HTTP basic auth without the need for a database 1662.5M1](/packages/olssonm-l5-very-basic-auth)[stechstudio/laravel-jwt Helper package that makes it easy to generate, consume, and protect routes with JWT tokens in Laravel 126117.6k](/packages/stechstudio-laravel-jwt)[scaler-tech/laravel-saml2 SAML2 Service Provider integration for Laravel applications, based on OneLogin toolkit 2737.5k](/packages/scaler-tech-laravel-saml2)[truckersmp/steam-socialite Laravel Socialite provider for Steam OpenID. 1516.7k](/packages/truckersmp-steam-socialite) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)