PHPackages                             imanrjb/passport-auth - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. imanrjb/passport-auth

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

imanrjb/passport-auth
=====================

Laravel and Lumen passport package

v1.0.5(3y ago)0316MITPHP

Since Mar 7Pushed 3y ago1 watchersCompare

[ Source](https://github.com/ImanRJB/passport-auth)[ Packagist](https://packagist.org/packages/imanrjb/passport-auth)[ RSS](/packages/imanrjb-passport-auth/feed)WikiDiscussions main Synced 5d ago

READMEChangelogDependencies (4)Versions (15)Used By (0)

Passport Auth
=============

[](#passport-auth)

Making Laravel Passport work with Lumen

A simple service provider that makes Laravel Passport work with Lumen

Dependencies
------------

[](#dependencies)

- PHP &gt;= 8.0
- Lumen &gt;= 9.0

Installation via Composer
-------------------------

[](#installation-via-composer)

```
$ composer require imanrjb/passport-auth
```

Or if you prefer, edit `composer.json` manually:

```
{
    "require": {
        "imanrjb/passport-auth": "^1.0"
    }
}
```

### Modify the bootstrap flow (`bootstrap/app.php` file)

[](#modify-the-bootstrap-flow-bootstrapappphp-file)

```
// Enable Facades
$app->withFacades();

// Enable Eloquent
$app->withEloquent();

// Enable auth middleware (shipped with Lumen)
$app->routeMiddleware([
    'auth' => App\Http\Middleware\Authenticate::class,
]);

$app->register(App\Providers\AuthServiceProvider::class);
$app->register(\PassportAuth\PassportAuthServiceProvider::class);
```

Registering Routes
------------------

[](#registering-routes)

Next, you should call the LumenPassport::routes method within the boot method of your application (AuthServiceProvider.php). This method will register the routes necessary to issue access tokens and revoke access tokens, clients, and personal access tokens:

```
\PassportAuth\LumenPassport::routes($this->app->router);
```

You can add that into an existing group, or add use this route registrar independently like so;

```
\PassportAuth\LumenPassport::routes($this->app->router, ['prefix' => 'v1/oauth']);
```

### Migrate and install Laravel Passport

[](#migrate-and-install-laravel-passport)

```
# Publish config files
php artisan vendor:publish --tag=passport-auth

# Create new tables for Passport
php artisan migrate

# Install encryption keys and other necessary stuff for Passport
php artisan passport:install
```

### Installed routes

[](#installed-routes)

This package mounts the following routes after you call routes() method (see instructions below):

VerbPathNamedRouteControllerActionMiddlewarePOST/oauth/token\\Laravel\\Passport\\Http\\Controllers\\AccessTokenControllerissueToken-GET/oauth/tokens\\Laravel\\Passport\\Http\\Controllers\\AuthorizedAccessTokenControllerforUserauthDELETE/oauth/tokens/{token\_id}\\Laravel\\Passport\\Http\\Controllers\\AuthorizedAccessTokenControllerdestroyauthPOST/oauth/token/refresh\\Laravel\\Passport\\Http\\Controllers\\TransientTokenControllerrefreshauthGET/oauth/clients\\Laravel\\Passport\\Http\\Controllers\\ClientControllerforUserauthPOST/oauth/clients\\Laravel\\Passport\\Http\\Controllers\\ClientControllerstoreauthPUT/oauth/clients/{client\_id}\\Laravel\\Passport\\Http\\Controllers\\ClientControllerupdateauthDELETE/oauth/clients/{client\_id}\\Laravel\\Passport\\Http\\Controllers\\ClientControllerdestroyauthGET/oauth/scopes\\Laravel\\Passport\\Http\\Controllers\\ScopeControllerallauthGET/oauth/personal-access-tokens\\Laravel\\Passport\\Http\\Controllers\\PersonalAccessTokenControllerforUserauthPOST/oauth/personal-access-tokens\\Laravel\\Passport\\Http\\Controllers\\PersonalAccessTokenControllerstoreauthDELETE/oauth/personal-access-tokens/{token\_id}\\Laravel\\Passport\\Http\\Controllers\\PersonalAccessTokenControllerdestroyauthPlease note that some of the Laravel Passport's routes had to 'go away' because they are web-related and rely on sessions (eg. authorise pages). Lumen is an API framework so only API-related routes are present.

User model
----------

[](#user-model)

Make sure your user model uses Passport's `HasApiTokens` trait, eg.:

```
class User extends Model
{
    use HasApiTokens, Authenticatable, Authorizable;

    public function findForPassport($email)
    {
        return $this->where('email', $email)->first();
    }

    public function validateForPassportPasswordGrant($password)
    {
        return Hash::check($password, $this->password);
    }
}
```

### Different TTLs for different password clients

[](#different-ttls-for-different-password-clients)

Laravel Passport allows to set one global TTL for access tokens, but it may be useful sometimes to set different TTLs for different clients (eg. mobile users get more time than desktop users).

Simply do the following in your service provider:

```
// Second parameter is the client Id
\PassportAuth\LumenPassport::tokensExpireIn(Carbon::now()->addMinutes(50), 2);
\Laravel\Passport\Passport::refreshTokensExpireIn(Carbon::now()->addDays(2));
```

If you don't specify client Id, it will simply fall back to Laravel Passport implementation.

### Console command for purging expired tokens

[](#console-command-for-purging-expired-tokens)

Simply run `php artisan passport:purge` to remove expired refresh tokens and their corresponding access tokens from the database.

Issue token
-----------

[](#issue-token)

```
// Generate new token with user credential
    $client = Client::whereProvider('users')->first();

    $request = Request::create('/oauth/token', 'POST', [
        'grant_type' => 'password',
        'client_id' => $client->id,
        'client_secret' => $client->secret,
        'username' => $request->email,
        'password' => $request->password,
        'scope' => '*',
        'user_agent' => Browser::platformName() . ", " . Browser::browserFamily(),
        'ip' => request()->ip()
    ]);

    return app()->handle($request);

// Create route with middleware and return user information
    $router->group(['middleware' => 'auth:api'], function () use ($router) {
        $router->get('/user', function () {
            return \Illuminate\Support\Facades\Auth::user();
        });
    });
```

Refresh token
-------------

[](#refresh-token)

```
// Generate new token with refresh token
    $client = Client::whereProvider('users')->first();

    $request = Request::create('/oauth/token', 'POST', [
        'grant_type' => 'refresh_token',
        'client_id' => $client->id,
        'client_secret' => $client->secret,
        'refresh_token' => $request->refresh_token,
        'scope' => '',
    ]);

    return app()->handle($request);
```

###  Health Score

26

—

LowBetter than 43% of packages

Maintenance20

Infrequent updates — may be unmaintained

Popularity12

Limited adoption so far

Community7

Small or concentrated contributor base

Maturity56

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~8 days

Recently: every ~25 days

Total

14

Last Release

1425d ago

Major Versions

v0.0.8 → v1.0.02022-03-09

### Community

Maintainers

![](https://www.gravatar.com/avatar/e847e423707b19edef05a973a7285643d04b8c65e93f9bc50ee9bf2d223ac211?d=identicon)[ImanRJB](/maintainers/ImanRJB)

---

Top Contributors

[![ImanR7](https://avatars.githubusercontent.com/u/22983388?v=4)](https://github.com/ImanR7 "ImanR7 (19 commits)")

### Embed Badge

![Health badge](/badges/imanrjb-passport-auth/health.svg)

```
[![Health](https://phpackages.com/badges/imanrjb-passport-auth/health.svg)](https://phpackages.com/packages/imanrjb-passport-auth)
```

###  Alternatives

[simplesamlphp/saml2

SAML2 PHP library from SimpleSAMLphp

30317.2M40](/packages/simplesamlphp-saml2)[dusterio/lumen-passport

Making Laravel Passport work with Lumen

6511.3M9](/packages/dusterio-lumen-passport)[jeremy379/laravel-openid-connect

OpenID Connect support to the PHP League's OAuth2 Server. Compatible with Laravel Passport.

55342.3k2](/packages/jeremy379-laravel-openid-connect)[league/oauth2-server-bundle

Symfony bundle .

2344.7M6](/packages/league-oauth2-server-bundle)[corbosman/laravel-passport-claims

Add claims to Laravel Passport JWT Tokens

88655.9k](/packages/corbosman-laravel-passport-claims)[coderello/laravel-passport-social-grant

Social Grant for Laravel Passport

179607.4k3](/packages/coderello-laravel-passport-social-grant)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)