PHPackages                             laranex/laravel-refresh-token - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. laranex/laravel-refresh-token

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

laranex/laravel-refresh-token
=============================

A package to help you implement refresh token mechanism in your laravel application

v1.0.0(2y ago)1740↓50%2[2 PRs](https://github.com/laranex/laravel-refresh-token/pulls)MITPHPPHP ^8.1CI passing

Since Jun 29Pushed 3mo agoCompare

[ Source](https://github.com/laranex/laravel-refresh-token)[ Packagist](https://packagist.org/packages/laranex/laravel-refresh-token)[ Docs](https://github.com/laranex/laravel-refresh-token)[ RSS](/packages/laranex-laravel-refresh-token/feed)WikiDiscussions master Synced 1mo ago

READMEChangelog (1)Dependencies (18)Versions (5)Used By (0)

Laravel Refresh Token
=====================

[](#laravel-refresh-token)

[![Latest Version on Packagist](https://camo.githubusercontent.com/82c6f4f4c2410eac57bf9a7a57b52cc19739ac772aff7c2b6264ec63ff2e2343/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f6c6172616e65782f6c61726176656c2d726566726573682d746f6b656e2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/laranex/laravel-refresh-token)[![Total Downloads](https://camo.githubusercontent.com/06397594164339f57970f20e640dd4cccf7e23b96960c8e7573309d4c799be30/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f6c6172616e65782f6c61726176656c2d726566726573682d746f6b656e2e7376673f7374796c653d666c61742d737175617265)](https://packagist.org/packages/laranex/laravel-refresh-token)[![run-tests](https://github.com/laranex/laravel-refresh-token/actions/workflows/run-tests.yml/badge.svg)](https://github.com/laranex/laravel-refresh-token/actions/workflows/run-tests.yml)

A package to help you implement refresh token mechanism in your laravel application

Installation
------------

[](#installation)

You can install the package via composer:

```
  composer require laranex/laravel-refresh-token
```

Generate encryption keys

```
  php artisan refresh-token:keys
```

Run The migration file

```
  php artisan migrate
```

You can publish the config file with:

```
  php artisan vendor:publish --tag="refresh-token-config"
```

This is the contents of the published config file:

```
    return [

        /*
        |--------------------------------------------------------------------------
        | Encryption Keys
        |--------------------------------------------------------------------------
        |
        | Refresh Token uses encryption keys while generating secure access tokens for
        | your application. By default, the keys are stored as local files but
        | can be set via environment variables when that is more convenient.
        |
        */
        'private_key' => env('REFRESH_TOKEN_PRIVATE_KEY'),

        'public_key' => env('REFRESH_TOKEN_PUBLIC_KEY'),

        /*
        |--------------------------------------------------------------------------
        | Refresh Token Model
        |--------------------------------------------------------------------------
        |
        | Refresh Token Model to manage refresh tokens
        |
        */
        'model' => RefreshToken::class,

        /*
        |--------------------------------------------------------------------------
        | Refresh Token Table
        |--------------------------------------------------------------------------
        |
        | Refresh Token Model to manage refresh tokens
        |
        */
        'table' => 'laravel_refresh_tokens',
    ];
```

Overriding the default values (Optional)
----------------------------------------

[](#overriding-the-default-values-optional)

The following static methods are available under the `Laranex\RefreshToken\RefreshToken` class to override the default values. Invoking them with the value you want in the service provider will override the default values.

- `useRefreshTokenModel(string $refreshTokenModel): void`
- `loadKeysFrom(string $path): void`
- `refreshTokensExpireIn(DateTimeInterface $date = null): DateInterval|static`

Usage
-----

[](#usage)

- Use the trait in your refresh tokenable model

```
    class User extends Authenticatable{
        use HasRefreshTokens;

    }
```

- ### Create a refresh token

    [](#create-a-refresh-token)

```
    $user = Auth::user()->createRefreshToken();
```

- ### Verify a refresh token

    [](#verify-a-refresh-token)

    - a token instance will be return if the token is valid, or else null will be return

```
    $verifiedToken = Laranex\RefreshToken\RefreshToken::tokenable($request->get('refresh_token'));
    if ($verifiedToken) {
    // Implement your access token logic here

    } else {
    // handle invalid refresh token
    }
```

- ### Working with verified refresh token

    [](#working-with-verified-refresh-token)

    ```
        $verifiedToken = Laranex\RefreshToken\RefreshToken::tokenable($request->get('refresh_token'));
    ```

    - You can access the token instance by calling the `instance` property, The instance property will return the model instance that you use the RefreshToken trait in

        ```
            $tokenInstance = $verifiedToken->instance;
        ```
    - Revoking the refresh token (The token will no longer be valid)

        ```
            $verifiedToken->revoke();
        ```
    - Revoking all refresh tokens which are related to current refresh token instance

        ```
            $verifiedToken->revokeAll();
        ```

Prune Command
-------------

[](#prune-command)

- You can use the prune command to delete all expired refresh tokens ```
        php artisan refresh-token:prune
    ```
- Or you can put this into a scheduler to run it periodically ```
        $schedule->command('refresh-token:prune')->daily();
    ```

Changelog
---------

[](#changelog)

Please see [CHANGELOG](CHANGELOG.md) for more information on what has changed recently.

Contributing
------------

[](#contributing)

Please see [CONTRIBUTING](CONTRIBUTING.md) for details.

Security Vulnerabilities
------------------------

[](#security-vulnerabilities)

Please review [our security policy](../../security/policy) on how to report security vulnerabilities.

Credits
-------

[](#credits)

- [All Contributors](../../contributors)

License
-------

[](#license)

The MIT License (MIT). Please see [License File](LICENSE.md) for more information.

###  Health Score

38

—

LowBetter than 85% of packages

Maintenance55

Moderate activity, may be stable

Popularity20

Limited adoption so far

Community12

Small or concentrated contributor base

Maturity56

Maturing project, gaining track record

 Bus Factor1

Top contributor holds 73.2% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Unknown

Total

1

Last Release

1047d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/e2325853b60b6406c6858e62ccac7bc18920067222cd3d704e288aacc0d29798?d=identicon)[NayThuKhant](/maintainers/NayThuKhant)

---

Top Contributors

[![NayThuKhant](https://avatars.githubusercontent.com/u/61656360?v=4)](https://github.com/NayThuKhant "NayThuKhant (82 commits)")[![heinhtetsoe2000](https://avatars.githubusercontent.com/u/108323470?v=4)](https://github.com/heinhtetsoe2000 "heinhtetsoe2000 (24 commits)")[![dependabot[bot]](https://avatars.githubusercontent.com/in/29110?v=4)](https://github.com/dependabot[bot] "dependabot[bot] (3 commits)")[![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4)](https://github.com/github-actions[bot] "github-actions[bot] (3 commits)")

---

Tags

laravellaranexrefresh-tokenlaravel-refresh-tokenlaravel-refresh-token-package

###  Code Quality

TestsPHPUnit

Code StyleLaravel Pint

### Embed Badge

![Health badge](/badges/laranex-laravel-refresh-token/health.svg)

```
[![Health](https://phpackages.com/badges/laranex-laravel-refresh-token/health.svg)](https://phpackages.com/packages/laranex-laravel-refresh-token)
```

###  Alternatives

[laravel/passport

Laravel Passport provides OAuth2 server support to Laravel.

3.4k85.0M531](/packages/laravel-passport)[tymon/jwt-auth

JSON Web Token Authentication for Laravel and Lumen

11.5k49.1M347](/packages/tymon-jwt-auth)[spatie/laravel-responsecache

Speed up a Laravel application by caching the entire response

2.8k8.2M51](/packages/spatie-laravel-responsecache)[php-open-source-saver/jwt-auth

JSON Web Token Authentication for Laravel and Lumen

8359.8M53](/packages/php-open-source-saver-jwt-auth)[bezhansalleh/filament-shield

Filament support for `spatie/laravel-permission`.

2.8k2.9M88](/packages/bezhansalleh-filament-shield)[aedart/athenaeum

Athenaeum is a mono repository; a collection of various PHP packages

255.2k](/packages/aedart-athenaeum)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)