PHPackages archerzdip/laravel-api-auth - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. archerzdip/laravel-api-auth ActiveLibrary[Authentication & Authorization](/categories/authentication) archerzdip/laravel-api-auth =========================== Authorize requests to your Laravel application with API keys v2.0.4(6y ago)21.8k1MITPHPPHP >=7.1CI failing Since Aug 16Pushed 6y ago1 watchersCompare [ Source](https://github.com/ArcherZdip/laravel-api-auth)[ Packagist](https://packagist.org/packages/archerzdip/laravel-api-auth)[ RSS](/packages/archerzdip-laravel-api-auth/feed)WikiDiscussions master Synced 1mo ago READMEChangelogDependencies (1)Versions (16)Used By (0) Laravel-api-auth ================ [](#laravel-api-auth) [![star this repo](https://camo.githubusercontent.com/f1096a33a0631d80b024661726cc051a901602726320c893cb6b27f218ee8d09/687474703a2f2f6769746875626261646765732e636f6d2f737461722e7376673f757365723d4172636865725a646970267265706f3d6c61726176656c2d6170692d61757468267374796c653d64656661756c74)](https://github.com/ArcherZdip/laravel-api-auth)[![fork this repo](https://camo.githubusercontent.com/6f6e8e09140c07204e84a7d7b557ecb14a0adac8cbc632dfa299a9a7a14c0e5a/687474703a2f2f6769746875626261646765732e636f6d2f666f726b2e7376673f757365723d4172636865725a646970267265706f3d6c61726176656c2d6170692d61757468267374796c653d64656661756c74)](https://github.com/ArcherZdip/laravel-api-auth/fork)[![Packagist](https://camo.githubusercontent.com/753bded243be76c064059d9c380961194eb58bcd69e7004a42c4a3f721e80d78/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6172636865727a6469702f6c61726176656c2d6170692d61757468)](https://camo.githubusercontent.com/753bded243be76c064059d9c380961194eb58bcd69e7004a42c4a3f721e80d78/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6172636865727a6469702f6c61726176656c2d6170692d61757468)[![Scrutinizer Code Quality](https://camo.githubusercontent.com/4b770fadf35b19ce4611a9b754f2c0d4fc9a3f199d49a44a54a79e894fc1b3ce/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f4172636865725a6469702f6c61726176656c2d6170692d617574682f6261646765732f7175616c6974792d73636f72652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/ArcherZdip/laravel-api-auth/?branch=master)[![Code Coverage](https://camo.githubusercontent.com/6a3dd8e1f358f42e80dbc23c97d1512b2b8c9ac545b408a6000da7cc70cc6bf5/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f4172636865725a6469702f6c61726176656c2d6170692d617574682f6261646765732f636f7665726167652e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/ArcherZdip/laravel-api-auth/?branch=master)[![Build Status](https://camo.githubusercontent.com/e2450a09927a2bb79ffbf4f34246f1db08a3b894242c8f627fe3686fe0d3ebec/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f4172636865725a6469702f6c61726176656c2d6170692d617574682f6261646765732f6275696c642e706e673f623d6d6173746572)](https://scrutinizer-ci.com/g/ArcherZdip/laravel-api-auth/build-status/master)[![Code Intelligence Status](https://camo.githubusercontent.com/963f15a09d28bbe41fc6c920028345e8ebefb563fa4ab906e01f5bbe85ae142e/68747470733a2f2f7363727574696e697a65722d63692e636f6d2f672f4172636865725a6469702f6c61726176656c2d6170692d617574682f6261646765732f636f64652d696e74656c6c6967656e63652e7376673f623d6d6173746572)](https://scrutinizer-ci.com/code-intelligence) Installation ------------ [](#installation) Run `composer require archerzdip/laravel-api-auth`. Publish the migration files ``` $ php artisan vendor:publish # Or... $ php artisan vendor:publish --provider="ArcherZdip\LaravelApiAuth\Providers\ApiAuthServiceProvider" ``` Run the migrations ``` $ php artisan migrate ``` Console ------- [](#console) Generate a new app using `php artisan apikey:generate {name}`. The name argument is the name of your APP name. All new app are active by default. ``` ☁ demo1 php artisan apikey:generate demo-app1 +-----------+------------------+------------------------------------------------------------------+---------------------+ | AppName | appId | secret | CreateAt | +-----------+------------------+------------------------------------------------------------------+---------------------+ | demo-app1 | JNzgjqLnp1nLNCBV | G8sfHyguwhB7mGTpdp0LCBEooZPOFnzlqHX8NRCZSG7miWwPRihNw4vsmcSeYChq | 2019-08-16 06:50:08 | +-----------+------------------+------------------------------------------------------------------+---------------------+ ``` About app opreate, like activate, deactivate, delete, refresh secret. ``` ☁ demo1 php artisan apikey:put --help Usage: apikey:put [options] [--] Arguments: appid Options: -A, --activate Activate an App by appid -F, --deactivate Deactivate an App by appid -D, --delete Delete an App by appid -R, --refresh refresh an app's secret by appid -h, --help Display this help message ``` Deactivate app by appid using `php artisan apikey:put {appid} -F` ``` ☁ demo1 php artisan apikey:put eA4lU1ukEWZkdmAb -F Deactivate app succ, name: demo-app2 +-----------+------------------+------------------------------------------------------------------+-------------+---------------------+ | AppName | AppId | Secret | Status | CreateAt | +-----------+------------------+------------------------------------------------------------------+-------------+---------------------+ | demo-app2 | eA4lU1ukEWZkdmAb | CxDWa7uFxgGhshmbgm0HE9bqRbVN1gj0CO47pdwZzXpWhfuebvULfUwmnCPK59ph | deactivated | 2019-08-16 06:59:06 | +-----------+------------------+------------------------------------------------------------------+-------------+---------------------+ ``` Activate app by appid using `php artisan apikey:put {appid} -A` ``` ☁ demo1 php artisan apikey:put eA4lU1ukEWZkdmAb -A Activate app succ, name: demo-app2 +-----------+------------------+------------------------------------------------------------------+--------+---------------------+ | AppName | AppId | Secret | Status | CreateAt | +-----------+------------------+------------------------------------------------------------------+--------+---------------------+ | demo-app2 | eA4lU1ukEWZkdmAb | CxDWa7uFxgGhshmbgm0HE9bqRbVN1gj0CO47pdwZzXpWhfuebvULfUwmnCPK59ph | active | 2019-08-16 06:59:06 | +-----------+------------------+------------------------------------------------------------------+--------+---------------------+ ``` Refresh secret by appid using `php artisan apikey:put {appid} -R` ``` ☁ demo1 php artisan apikey:put eA4lU1ukEWZkdmAb -R Are you sure you want to refresh this app secret, AppId:eA4lU1ukEWZkdmAb, name:demo-app2 ? (yes/no) [no]: > no ☁ demo1 php artisan apikey:put eA4lU1ukEWZkdmAb -R Are you sure you want to refresh this app secret, AppId:eA4lU1ukEWZkdmAb, name:demo-app2 ? (yes/no) [no]: > yes Refresh app secret succ, name: demo-app2 +-----------+------------------+------------------------------------------------------------------+--------+---------------------+ | AppName | AppId | Secret | Status | CreateAt | +-----------+------------------+------------------------------------------------------------------+--------+---------------------+ | demo-app2 | eA4lU1ukEWZkdmAb | A6oMUTU4XZDExbxVLGdwNdbptdKe6ewNivCloDXsRTYGTQfjCZVqMQUeiq651Zq0 | active | 2019-08-16 06:59:06 | +-----------+------------------+------------------------------------------------------------------+--------+---------------------+ ``` Delete app by appid using `php artisan apikey:put {appid} -D` ``` ☁ demo1 php artisan apikey:put JNzgjqLnp1nLNCBV -D Are you sure you want to delete AppId:JNzgjqLnp1nLNCBV, name:demo-app1 ? (yes/no) [no]: > yes Deleted app succ, name: demo-app1 ``` List all app. The -D or --deleted flag includes deleted apps. ``` ☁ demo1 php artisan apikey:list -D +-----------+------------------+------------------------------------------------------------------+---------+---------------------+ | AppName | AppId | Secret | Status | CreateAt | +-----------+------------------+------------------------------------------------------------------+---------+---------------------+ | demo-app1 | JNzgjqLnp1nLNCBV | G8sfHyguwhB7mGTpdp0LCBEooZPOFnzlqHX8NRCZSG7miWwPRihNw4vsmcSeYChq | deleted | 2019-08-16 06:50:08 | | demo-app2 | eA4lU1ukEWZkdmAb | A6oMUTU4XZDExbxVLGdwNdbptdKe6ewNivCloDXsRTYGTQfjCZVqMQUeiq651Zq0 | active | 2019-08-16 06:59:06 | +-----------+------------------+------------------------------------------------------------------+---------+---------------------+ ``` Usage ----- [](#usage) A new `auth.apikey` route middleware has been registered for you to use in your routes or controllers. Below are examples on how to use middleware, but for detailed information, check out [Middleware](https://laravel.com/docs/middleware) in the Laravel Docs. Route example ``` Route::get('api/user/1', function () { // })->middleware('auth.apikey'); ``` Controller example ``` class UserController extends Controller { /** * Instantiate a new controller instance. * * @return void */ public function __construct() { $this->middleware('auth.apikey'); } } ``` ### Authorizing Requests [](#authorizing-requests) In order to pass the `auth.apikey` middleware, requests must include an `Authorization` header as part of the request, with its value being an active API key. ``` Authorization: VApUyoTm5I5DtlQAJjJbmCbrdceFsVCb6H3CpsL4SdUlgGdUui8WjxwbcejAfmL7 ``` or `token={token}` Token generate regulation. ``` sign = sha1(appid . secret . exp) // exp = time() token = base64_encode(implode('.', [appid, sign, exp]) ``` Event history ------------- [](#event-history) Any time an API key is generated, activated, deactivated, or deleted, a record is logged in the `api_auth_oprate_event` table. Each record contains the following information: - app\_client\_id - ip\_address - event - created\_at - updated\_at API event history ----------------- [](#api-event-history) If you open log, all API requests that pass authorization will logger. Support driver database and file. Database infomation: - appid - ip\_address - url - params - type TODO ---- [](#todo) - Configuration way of encryption. License ------- [](#license) MIT license ### Health Score 31 — LowBetter than 68% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity23 Limited adoption so far Community5 Small or concentrated contributor base Maturity61 Established project with proven stability How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~16 days Recently: every ~38 days Total 15 Last Release 2239d ago Major Versions v1.9 → v2.02019-10-25 ### Community Maintainers ![](https://www.gravatar.com/avatar/25f63f83fcd43e4ae6cf9243d2cb7613b793962e221cffb8073b6d8f5f3b3b93?d=identicon)[ArcherZdip](/maintainers/ArcherZdip) --- Tags laravellaravel-apilaravel api authveritylaravel app auth ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/archerzdip-laravel-api-auth/health.svg) ``` [![Health](https://phpackages.com/badges/archerzdip-laravel-api-auth/health.svg)](https://phpackages.com/packages/archerzdip-laravel-api-auth) ``` ### Alternatives [imdhemy/laravel-purchases The top-notch Laravel receipt validator. 3831.1M2](/packages/imdhemy-laravel-purchases)[martbock/laravel-diceware Diceware Passphrase Generator for Laravel 3264.7k](/packages/martbock-laravel-diceware)[orchestra/auth Auth Component for Orchestra Platform 24108.5k3](/packages/orchestra-auth)[ingria/laravel-x509-auth Laravel 5 Client Certificate auth middleware 375.6k](/packages/ingria-laravel-x509-auth) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)