PHPackages                             devmatheusguerra/jwt - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. devmatheusguerra/jwt

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

devmatheusguerra/jwt
====================

Uma biblioteca PHP para facilitar a utilização de autenticação JWT.

v1.0.0(3y ago)012MITPHP

Since Sep 1Pushed 3y ago1 watchersCompare

[ Source](https://github.com/devmatheusguerra/php-jwt)[ Packagist](https://packagist.org/packages/devmatheusguerra/jwt)[ RSS](/packages/devmatheusguerra-jwt/feed)WikiDiscussions main Synced 2d ago

READMEChangelogDependenciesVersions (2)Used By (0)

### [![Release Version](https://camo.githubusercontent.com/6fb71b9a803a8d1734048a10ba3dae3763cc7e099deab36eaf5d48fe4a8f7ed9/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f762f7461672f6465766d6174686575736775657272612f7068702d6a77743f636f6c6f723d253233306639663066266c6162656c3d72656c65617365267374796c653d666f722d7468652d6261646765)](https://github.com/devmatheusguerra/php-jwt)

[](#)

Pacote PHP que implementa JSON Web Token.
-----------------------------------------

[](#pacote-php-que-implementa-json-web-token)

### Uso simples

[](#uso-simples)

```
require 'vendor/autoload.php';
use Devmatheusguerra\JWT\JWT;

$jwt = new JWT();
$data = new stdClass();
$data->name = 'Devmatheusguerra';
$data->email = 'teste@gmail.com';

$token = $jwt->generate($data);
```

---

### 1. Configurações Iniciais

[](#1--configurações-iniciais)

Será necessária a criação de duas constantes globais. Você poderá defini-las num arquivo config.php, por exemplo.

CONSTANTETIPOValores Aceitos**SECRET\_KEY\_JWT**stringQualquer valor.**ALGORITHM\_JWT**stringHS256, HS384, HS512### 2. Método *generate()*

[](#2-método-generate)

Possui um parâmetro **não obrigatório** que corresponde ao dados personalizados que devem ser inseridos no ***payload*** do JWT. Caso queira ver mais sobre ***claim names*** [clique aqui](https://www.rfc-editor.org/rfc/rfc7519.html#section-4.1).

Por padrão já serão declarados alguns claim names:

- **iss:** Receberá o endereço do host ou localhost.
- **ip:** Receberá o endereço IP do solicitante.
- **iat:** Utilizará o instante atual da chamada da função em *UNIX TIMESTAMP*.
- **exp:** por padrão o token irá expirar em 24 horas após a chamada.

**OBS.: Esses poderão ser sobre escritos.**
-------------------------------------------

[](#obs-esses-poderão-ser-sobre-escritos)

#### Parâmetros

[](#parâmetros)

NomeTipoObrigatóriodata**stdClass**[![Não](https://camo.githubusercontent.com/ad98c5ccc6aa692554b96d9fda1caf31230c6f950edb73fd444cdb400bb872e3/68747470733a2f2f69636f6e732e69636f6e617263686976652e636f6d2f69636f6e732f686f70737461727465722f627574746f6e2f31362f427574746f6e2d44656c6574652d69636f6e2e706e67)](https://camo.githubusercontent.com/ad98c5ccc6aa692554b96d9fda1caf31230c6f950edb73fd444cdb400bb872e3/68747470733a2f2f69636f6e732e69636f6e617263686976652e636f6d2f69636f6e732f686f70737461727465722f627574746f6e2f31362f427574746f6e2d44656c6574652d69636f6e2e706e67)#### Retorno

[](#retorno)

Retorna uma ***string*** correspondente ao ***token gerado***.

### 3. Método verify()

[](#3-método-verify)

Possui um parâmetro **obrigatório** que corresponde ao token que foi recebido através da requisição do cliente.

#### Parâmetros

[](#parâmetros-1)

NomeTipo**Default**Obrigatóriotoken**string**-[![Sim](https://camo.githubusercontent.com/25246001c96a4a81f5184438e8873eee80b71be8545e425b83807e03b5ea1c33/68747470733a2f2f69636f6e732e69636f6e617263686976652e636f6d2f69636f6e732f637573746f6d2d69636f6e2d64657369676e2f666c617461737469632d392f31362f4163636570742d69636f6e2e706e67)](https://camo.githubusercontent.com/25246001c96a4a81f5184438e8873eee80b71be8545e425b83807e03b5ea1c33/68747470733a2f2f69636f6e732e69636f6e617263686976652e636f6d2f69636f6e732f637573746f6d2d69636f6e2d64657369676e2f666c617461737469632d392f31362f4163636570742d69636f6e2e706e67)ip**boolean****false**[![Não](https://camo.githubusercontent.com/ad98c5ccc6aa692554b96d9fda1caf31230c6f950edb73fd444cdb400bb872e3/68747470733a2f2f69636f6e732e69636f6e617263686976652e636f6d2f69636f6e732f686f70737461727465722f627574746f6e2f31362f427574746f6e2d44656c6574652d69636f6e2e706e67)](https://camo.githubusercontent.com/ad98c5ccc6aa692554b96d9fda1caf31230c6f950edb73fd444cdb400bb872e3/68747470733a2f2f69636f6e732e69636f6e617263686976652e636f6d2f69636f6e732f686f70737461727465722f627574746f6e2f31362f427574746f6e2d44656c6574652d69636f6e2e706e67)#### Retorno

[](#retorno-1)

Retorna um ***stdClass***. Se o parâmetro `ìp` estiver **false** será analisada se a assinatura do token é válida e se o token não expirou. Do contrário, a requisição também deverá vir da mesma origem cujo token foi gerado.

Possíveis retornos.
-------------------

[](#possíveis-retornos)

##### `ip != $_SERVER['REMOTE_ADDR']`

[](#ip--_serverremote_addr)

```
message => Invalid IP
status => 403
response => false

```

##### `signature != token_signature`

[](#signature--token_signature)

```
message => Invalid signature'
status => 403
response => false

```

##### `exp > now()`

[](#exp--now)

```
message => Token expired
status => 403
response => false

```

##### `Nenhuma das anteriores`

[](#nenhuma-das-anteriores)

```
message => Token valid
status => 200
response => true

```

### 4. Método getClaims()

[](#4-método-getclaims)

Possui um parâmetro **obrigatório** que corresponde ao token que foi recebido através da requisição do cliente.

#### Parâmetros

[](#parâmetros-2)

NomeTipoObrigatóriotoken**string**[![Sim](https://camo.githubusercontent.com/25246001c96a4a81f5184438e8873eee80b71be8545e425b83807e03b5ea1c33/68747470733a2f2f69636f6e732e69636f6e617263686976652e636f6d2f69636f6e732f637573746f6d2d69636f6e2d64657369676e2f666c617461737469632d392f31362f4163636570742d69636f6e2e706e67)](https://camo.githubusercontent.com/25246001c96a4a81f5184438e8873eee80b71be8545e425b83807e03b5ea1c33/68747470733a2f2f69636f6e732e69636f6e617263686976652e636f6d2f69636f6e732f637573746f6d2d69636f6e2d64657369676e2f666c617461737469632d392f31362f4163636570742d69636f6e2e706e67)token**string**[![Sim](https://camo.githubusercontent.com/25246001c96a4a81f5184438e8873eee80b71be8545e425b83807e03b5ea1c33/68747470733a2f2f69636f6e732e69636f6e617263686976652e636f6d2f69636f6e732f637573746f6d2d69636f6e2d64657369676e2f666c617461737469632d392f31362f4163636570742d69636f6e2e706e67)](https://camo.githubusercontent.com/25246001c96a4a81f5184438e8873eee80b71be8545e425b83807e03b5ea1c33/68747470733a2f2f69636f6e732e69636f6e617263686976652e636f6d2f69636f6e732f637573746f6d2d69636f6e2d64657369676e2f666c617461737469632d392f31362f4163636570742d69636f6e2e706e67)#### Retorno

[](#retorno-2)

Retorna uma ***stdClass*** contendo o ***payload do token***.

### 5. Constantes

[](#5-constantes)

Buscando otimizar o tempo, alguns dos Status HTTP foram trazidos para a classe.

VALORHTTP STATUS CODEFORBIDDEN403UNAUTHORIZED401BAD\_REQUEST400SUCCESS200CREATED201Exemplo de uso.

```
$tokenValido = $jwt->verify($token_recebido);
if($tokenValido)
	http_response_code(JWT::CREATED);
else
	http_response_code(JWT::FORBIDDEN);
```

###  Health Score

22

—

LowBetter than 21% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity5

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity47

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Unknown

Total

1

Last Release

1401d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/55563650a5b8b6b8fa615c48785763bb1628f0e528f73a3a6b303954e6626d4e?d=identicon)[devmatheusguerra](/maintainers/devmatheusguerra)

---

Top Contributors

[![devmatheusguerra](https://avatars.githubusercontent.com/u/25610323?v=4)](https://github.com/devmatheusguerra "devmatheusguerra (26 commits)")

### Embed Badge

![Health badge](/badges/devmatheusguerra-jwt/health.svg)

```
[![Health](https://phpackages.com/badges/devmatheusguerra-jwt/health.svg)](https://phpackages.com/packages/devmatheusguerra-jwt)
```

###  Alternatives

[kartik-v/yii2-password

Useful password strength validation utilities for Yii Framework 2.0

761.3M17](/packages/kartik-v-yii2-password)[vitalybaev/laravel5-dkim

Laravel 5/6 package for signing outgoing messages with DKIM.

3163.1k](/packages/vitalybaev-laravel5-dkim)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
