PHPackages brunoabpinto/csrf-refresh - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. brunoabpinto/csrf-refresh ActiveLibrary[Security](/categories/security) brunoabpinto/csrf-refresh ========================= Automatic CSRF token refresh for Laravel applications to prevent token expiration on long-lived pages v1.0.0(3mo ago)421[1 issues](https://github.com/brunoabpinto/csrf-refresh/issues)MITPHPPHP ^8.1 Since Jan 22Pushed 3mo agoCompare [ Source](https://github.com/brunoabpinto/csrf-refresh)[ Packagist](https://packagist.org/packages/brunoabpinto/csrf-refresh)[ Docs](https://github.com/brunoabpinto/csrf-refresh)[ RSS](/packages/brunoabpinto-csrf-refresh/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependencies (1)Versions (2)Used By (0) CSRF Refresh for Laravel ======================== [](#csrf-refresh-for-laravel) Automatic CSRF token refresh for Laravel applications to prevent token expiration on long-lived pages. Installation ------------ [](#installation) Install the package via Composer: ``` composer require brunoabpinto/csrf-refresh ``` The package will automatically register its service provider via Laravel's package auto-discovery. Usage ----- [](#usage) Add the `@csrfRefresh` Blade directive to your layout file, typically in the `` section or before the closing `` tag: ``` @csrfRefresh ``` How It Works ------------ [](#how-it-works) 1. The package registers a route at `/csrf-token/refresh` that returns a fresh CSRF token 2. A JavaScript file is automatically published to `public/vendor/csrf-refresh/` 3. The script periodically fetches a new CSRF token and updates the `` element 4. The refresh interval is calculated based on your session lifetime configuration (refreshes 50 seconds before expiration) Publishing Assets ----------------- [](#publishing-assets) The JavaScript file is automatically published on first boot. To manually update the assets after a package update: ``` php artisan vendor:publish --tag=csrf-refresh-assets --force ``` Requirements ------------ [](#requirements) - PHP 8.1 or higher - Laravel 10.x or 11.x License ------- [](#license) The MIT License (MIT). Please see [License File](LICENSE) for more information. ### Health Score 34 — LowBetter than 77% of packages Maintenance73 Regular maintenance activity Popularity7 Limited adoption so far Community4 Small or concentrated contributor base Maturity43 Maturing project, gaining track record How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 116d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/179d61df4249373d3470b1fd3222fcd5a54db6776f45202f1a1f97789e87113f?d=identicon)[brunoabpinto](/maintainers/brunoabpinto) --- Tags laravelsecuritytokensessioncsrfrefresh ### Embed Badge ![Health badge](/badges/brunoabpinto-csrf-refresh/health.svg) ``` [![Health](https://phpackages.com/badges/brunoabpinto-csrf-refresh/health.svg)](https://phpackages.com/packages/brunoabpinto-csrf-refresh) ``` ### Alternatives [tzsk/otp A secure, database-free One-Time Password (OTP) generator and verifier for PHP and Laravel. 241641.4k1](/packages/tzsk-otp)[paragonie/anti-csrf Paragon Initiative's Anti-CSRF Security Library 307200.6k5](/packages/paragonie-anti-csrf)[dgtlss/warden A Laravel package that proactively monitors your dependencies for security vulnerabilities by running automated composer audits and sending notifications via webhooks and email 8745.6k](/packages/dgtlss-warden)[ercsctt/laravel-file-encryption Secure file encryption and decryption for Laravel applications 642.6k](/packages/ercsctt-laravel-file-encryption)[laragear/poke Keep your forms alive, avoid TokenMismatchException by gently poking your Laravel app 2211.5k](/packages/laragear-poke) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)