PHPackages                             jundayw/tokenable - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. jundayw/tokenable

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

jundayw/tokenable
=================

Laravel Tokenable provides multi-model and multi-platform authentication with refresh tokens for APIs, SPAs, and SSR.

v2.0.0(2mo ago)21.4kMITPHPPHP ^8.0

Since Oct 5Pushed 2mo agoCompare

[ Source](https://github.com/jundayw/laravel-tokenable)[ Packagist](https://packagist.org/packages/jundayw/tokenable)[ Docs](https://github.com/jundayw/laravel-tokenable)[ RSS](/packages/jundayw-tokenable/feed)WikiDiscussions main Synced 1mo ago

READMEChangelogDependencies (2)Versions (7)Used By (0)

Laravel Tokenable
=================

[](#laravel-tokenable)

[![GitHub Tag](https://camo.githubusercontent.com/1b0f8a765916d61556ce28879e189abbfb997569a136a6147845e10edf2d4965/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f762f7461672f6a756e646179772f6c61726176656c2d746f6b656e61626c65)](https://github.com/jundayw/laravel-tokenable/tags)[![Total Downloads](https://camo.githubusercontent.com/2689dbc9a8282d8b82921f6e558c7c6541a34d18e02d590a90a2a1b3b1f7d8bd/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6a756e646179772f746f6b656e61626c653f7374796c653d666c61742d737175617265)](https://packagist.org/packages/jundayw/tokenable)[![Packagist Version](https://camo.githubusercontent.com/b1354a4a8324e27515324e3eb639f7a8c7ce418919dca218c98c8b32f8a60914/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f6a756e646179772f746f6b656e61626c65)](https://packagist.org/packages/jundayw/tokenable)[![Packagist PHP Version Support](https://camo.githubusercontent.com/208085e973fd162acd47316c954501b9ee319ea61f43cb09618eb183dd8191f5/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f7068702d762f6a756e646179772f746f6b656e61626c65)](https://github.com/jundayw/laravel-tokenable)[![Packagist License](https://camo.githubusercontent.com/8c85e3a8a367b6c77fa79bea8b6ac83ffaf7d1a2e7ce136f27131018638a780e/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f6a756e646179772f6c61726176656c2d746f6b656e61626c65)](https://github.com/jundayw/laravel-tokenable)

 Table of Contents1. [Introduction](#introduction)
2. [Documentation](#documentation)
3. [Installation](#installation)
4. [Usage](#usage)
5. [Contributing](#contributing)
6. [Contributors](#contributors)
7. [License](#license)

Introduction
------------

[](#introduction)

**Laravel Tokenable** is a modern authentication package that extends Laravel’s token capabilities beyond Sanctum.

It supports:

- **APIs** for stateless clients.
- **SPAs** (Single Page Applications) for JavaScript-driven frontends.
- **SSR** (Server-Side Rendered apps) with cookie-based authentication.

Key features include:

- **Multi-model support** — authenticate multiple user models (e.g. `User`, `Admin`, `Member`) seamlessly.
- **Multi-platform support** — issue tokens per platform (e.g. `App`, `Web`, `Mini Programs`) with fine-grained control.
- **Refresh tokens** — enable long-lived sessions with secure refresh workflows.
- **Flexible token structure** — customize token structure and lifecycle management.
- **Cookie + API support** — works equally well for session-based SSR and token-based APIs.

Laravel Sanctum provides basic API authentication and multiple model support, but falls short when:

- You need **fine-grained token control per platform** (e.g. App vs Web).
- You require **refresh token flows**.
- You want **customizable token structures** instead of being tied to Sanctum’s defaults.

**Laravel Tokenable** bridges this gap, making token authentication **first-class, flexible, and universal** across your Laravel projects.

\[[back to top](#readme-top)\]

Documentation
-------------

[](#documentation)

Documentation for Laravel Tokenable can be found on the [documentation](https://jundayw.github.io/laravel-tokenable/).

\[[back to top](#readme-top)\]

Installation
------------

[](#installation)

You can install the package via [Composer](https://getcomposer.org):

```
composer require jundayw/tokenable
```

### Publish Resources

[](#publish-resources)

Your users can also publish all publishable files defined by your package's service provider using the `--provider` flag:

```
php artisan vendor:publish --provider="Jundayw\Tokenable\TokenableServiceProvider"
```

You may wish to publish only the configuration files:

```
php artisan vendor:publish --tag=tokenable-config
```

You may wish to publish only the migration files:

```
php artisan vendor:publish --tag=tokenable-migrations
```

### Run Migrations

[](#run-migrations)

```
php artisan migrate --path=database/migrations/2025_06_01_000000_create_auth_token_table.php
```

\[[back to top](#readme-top)\]

Usage
-----

[](#usage)

### Configuration

[](#configuration)

Use the `tokenable` guard in the `guards` configuration of your application's `auth.php` configuration file:

```
'guards' => [
    'api' => [
        'driver' => 'tokenable',
        'provider' => 'users',
    ],
],
```

### Model

[](#model)

To start issuing tokens for users, your User model should use the `Jundayw\Tokenable\HasTokenable` trait and implement the `Jundayw\Tokenable\Contracts\Tokenable` interface.

```
namespace App\Models;

use Jundayw\Tokenable\Contracts\Tokenable;
use Jundayw\Tokenable\HasTokenable;

class User extends Authenticatable implements Tokenable
{
    use HasTokenable, HasFactory, Notifiable;
}
```

### Create Token

[](#create-token)

```
$user = User::query()->where([
    'email'    => $request->get('email'),
    'password' => Hash::make($request->get('password')),
])->first();

if(is_null($user)){
    return null;
}

return $this->guard('web')
    ->login($user)
    ->createToken(name: 'PC Token', platform: 'pc');
```

### Refresh Token

[](#refresh-token)

```
return $this->guard('web')->refreshToken();
```

### Revoke Token

[](#revoke-token)

```
return $this->guard()->revokeToken();
```

Exception
---------

[](#exception)

```
TokenableException
├── AuthenticationException (HTTP 401)                // 所有认证失败的基类
│   └── TokenInvalidException                         // 令牌相关的认证异常基类
│       ├── TokenNotFoundException                    // 令牌不存在
│       ├── TokenExpiredException                     // 令牌过期基类
│       │   ├── AccessTokenExpiredException           // 访问令牌过期
│       │   └── RefreshTokenExpiredException          // 刷新令牌过期
│       └── RefreshTokenNotAvailableException         // 刷新令牌尚未生效
└── AuthorizationException (HTTP 403)                 // 所有授权失败的基类
    └── MissingScopeException                         // 缺少必要权限范围

```

Contributing
------------

[](#contributing)

Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are **greatly appreciated**.

If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!

1. Fork the Project
2. Create your Feature Branch (`git checkout -b feature/AmazingFeature`)
3. Commit your Changes (`git commit -m 'Add some AmazingFeature'`)
4. Push to the Branch (`git push origin feature/AmazingFeature`)
5. Open a Pull Request

\[[back to top](#readme-top)\]

Contributors
------------

[](#contributors)

Thanks goes to these wonderful people:

[ ![contrib.rocks image](https://camo.githubusercontent.com/f0a682376acde61bb0cb9ab4d6d44f6eb7efbe3fd9b930af5dcbbeb338b7f956/68747470733a2f2f636f6e747269622e726f636b732f696d6167653f7265706f3d6a756e646179772f6c61726176656c2d746f6b656e61626c65)](https://github.com/jundayw/laravel-tokenable/graphs/contributors)Contributions of any kind are welcome!

\[[back to top](#readme-top)\]

License
-------

[](#license)

Distributed under the MIT License (MIT). Please see [License File](https://github.com/jundayw/laravel-tokenable/blob/main/LICENSE) for more information.

\[[back to top](#readme-top)\]

###  Health Score

42

—

FairBetter than 90% of packages

Maintenance88

Actively maintained with recent releases

Popularity19

Limited adoption so far

Community6

Small or concentrated contributor base

Maturity45

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~32 days

Recently: every ~40 days

Total

6

Last Release

60d ago

Major Versions

v0.20.0 → v1.0.02025-10-11

v1.0.1 → v2.0.02026-03-18

### Community

Maintainers

![](https://www.gravatar.com/avatar/2da9b458375a1b7972b7c4d26a5bf8f3e48db305e8805da36f253956f33c5568?d=identicon)[jundayw](/maintainers/jundayw)

---

Top Contributors

[![jundayw](https://avatars.githubusercontent.com/u/16873970?v=4)](https://github.com/jundayw "jundayw (77 commits)")

---

Tags

authenticationjwt-authjwt-tokentokenjwtlaravelAuthenticationtokenoauthapi-authSSRmulti-modelSPArefresh-tokenmulti-platformcookie-auth

### Embed Badge

![Health badge](/badges/jundayw-tokenable/health.svg)

```
[![Health](https://phpackages.com/badges/jundayw-tokenable/health.svg)](https://phpackages.com/packages/jundayw-tokenable)
```

###  Alternatives

[auth0/login

Auth0 Laravel SDK. Straight-forward and tested methods for implementing authentication, and accessing Auth0's Management API endpoints.

2745.0M3](/packages/auth0-login)[ellaisys/aws-cognito

AWS Cognito package that allows Auth and other related features using the AWS SDK for PHP

120220.7k1](/packages/ellaisys-aws-cognito)[internacionalweb/cognito-token-verifier

This library verifies that the signature of the JWT is valid, comes from a desired application, and that the token has not been tampered with or expired.

102.1k](/packages/internacionalweb-cognito-token-verifier)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)