PHPackages                             bluemill/jwt-artisan - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication & Authorization](/categories/authentication)
4. /
5. bluemill/jwt-artisan

ActiveLibrary[Authentication & Authorization](/categories/authentication)

bluemill/jwt-artisan
====================

JWT auth package for Laravel and Lumen

0.1.8(9y ago)0636↓100%MITPHP

Since Sep 30Pushed 6y agoCompare

[ Source](https://github.com/bluemill/jwt-artisan)[ Packagist](https://packagist.org/packages/bluemill/jwt-artisan)[ RSS](/packages/bluemill-jwt-artisan/feed)WikiDiscussions master Synced 1mo ago

READMEChangelogDependencies (4)Versions (6)Used By (0)

JWT Artisan
===========

[](#jwt-artisan)

**Note: forked from  and updated to work with Laravel >= 6 and PHP >= 7.2**

Token auth for Laravel and Lumen web artisans
---------------------------------------------

[](#token-auth-for-laravel-and-lumen-web-artisans)

[JWT](http://jwt.io/) is a great solution for authenticating API requests between various services. This package makes working with JWT super easy for both [Laravel](http://laravel.com/) and [Lumen](http://lumen.laravel.com/).

### Why JWT?

[](#why-jwt)

Because you have

[![microservices](https://camo.githubusercontent.com/e600647d0bd604da385002d3e80ba89f743917742dca34bcd655795ed44ee357/687474703a2f2f692e696d6775722e636f6d2f474a6c594438332e6a7067)](https://camo.githubusercontent.com/e600647d0bd604da385002d3e80ba89f743917742dca34bcd655795ed44ee357/687474703a2f2f692e696d6775722e636f6d2f474a6c594438332e6a7067)

That need to authenticate with each other so you can turn away bad requests like

[![how bout no](https://camo.githubusercontent.com/f4b7defecce8c95ae46cfa9b6e72fe70cbf516191571327af8f01da56acbb908/687474703a2f2f692e696d6775722e636f6d2f424d50793741472e706e67)](https://camo.githubusercontent.com/f4b7defecce8c95ae46cfa9b6e72fe70cbf516191571327af8f01da56acbb908/687474703a2f2f692e696d6775722e636f6d2f424d50793741472e706e67)

Which is why JWT makes you feel like

[![yea baby](https://camo.githubusercontent.com/45a941d616ba71e6d8d9876670ec4454e277b7c56ae38856dfc7a0d344df71d9/687474703a2f2f692e696d6775722e636f6d2f6c7953456c374f2e6a7067)](https://camo.githubusercontent.com/45a941d616ba71e6d8d9876670ec4454e277b7c56ae38856dfc7a0d344df71d9/687474703a2f2f692e696d6775722e636f6d2f6c7953456c374f2e6a7067)

### Contents

[](#contents)

- [Setup](#setup)
- [Configure](#configure)
- [Working with Tokens](#working-with-tokens)

Setup
-----

[](#setup)

Install the package using composer

```
$ composer require generationtux/jwt-artisan

```

Add the appropriate service provider for Laravel/Lumen

```
// Laravel
// config/app.php
'providers' => [
    ...
    GenTux\Jwt\Support\LaravelServiceProvider::class,
]

// Lumen
// bootstrap/app.php
$app->register(GenTux\Jwt\Support\LumenServiceProvider::class);
```

Configure
---------

[](#configure)

All configuration for this package can be set using environment variables. The reason for using environment variables instead of config files is so that it can be integrated with both Laravel & Lumen as easily as possible. See the table below for the available config options and their defaults.

ConfigDefaultDescription`JWT_SECRET`*null*The secret key that will be used for sigining/validating tokens.`JWT_ALGO`*HS256*The algorithm to use for sigining tokens.`JWT_LEEWAY`0Seconds of leeway for validating timestamps to account for time differences between systems`JWT_INPUT`*token*By default we will look for the token in the `Authorization` header. If it's not found there, then this value will be used to search the sent input from the request to find the token.`JWT_HEADER`*Authorization*By default the `Authorization` header key is used. This can be overridden with this value.If you're using the `JwtExceptionHandler` to handle exceptions, these environment variables can be set to customize the error messages. *(see below for information on using the exception handler)*

ConfigDefaultDescription`JWT_MESSAGE_ERROR`*There was an error while validating the authorization token.*`500` A general error occured while working with the token.`JWT_MESSAGE_INVALID`*Authorization token is not valid.*`401` The provided token is invalid in some way: expired, mismatched signature, etc.`JWT_MESSAGE_NOTOKEN`*Authorization token is required.*`401` There was no token found with the request.`JWT_MESSAGE_NOSECRET`*No JWT secret defined.*`500` Unable to find the JWT secret for validating/signing tokens.Working with Tokens
-------------------

[](#working-with-tokens)

- [Creating Tokens](#creating-tokens)
- [Validating Tokens](#validating-tokens)
- [Payloads](#payloads)
- [Handling Errors](#handling-errors)

### Creating Tokens

[](#creating-tokens)

Inject an instance of `GenTux\Jwt\JwtToken` into your controller or other service to create new tokens.

```