PHPackages laravelha/jwt-auth-acl - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. laravelha/jwt-auth-acl ActiveLibrary[Authentication & Authorization](/categories/authentication) laravelha/jwt-auth-acl ====================== JWT Auth ACL 0.0.7(6y ago)2181PHPPHP ^7.2CI failing Since Feb 19Pushed 6y ago1 watchersCompare [ Source](https://github.com/laravelha/jwt-auth-acl)[ Packagist](https://packagist.org/packages/laravelha/jwt-auth-acl)[ RSS](/packages/laravelha-jwt-auth-acl/feed)WikiDiscussions dev Synced 2d ago READMEChangelogDependencies (8)Versions (8)Used By (0) JWT Auth ACL ============ [](#jwt-auth-acl) JWT Auth ACL is a Laravel package to authentication and authorization package. The middleware `ha.acl` check if auth user is authorized to access the route and he is authorized when has permission with the same name of the route within any role he has Install ------- [](#install) - Install packaqe with composer `composer require laravelha/jwt-auth-acl` - Remove default User files: - `app/User.php` - `database/factories/UserFactory.php` - `database/migrations/2014_10_12_000000_create_users_table.php` - Publish config `php artisan vendor:publish --foce --tag ha-auth-config` - Publish seeder `php artisan vendor:publish --foce --tag ha-auth-seeds` - Add `ha.acl` on routes with that you wish check permissions - Run `php artisan db:seed --class=PermissionsTableSeeder` to populate permissions table - Run `php artisan jwt:secret` - Set `config/l5-swagger.php` to read annotations on `vendor/laravelha/jwt-auth-acl/src` - Run `php artisan l5-swagger:generate` to generate docs Use --- [](#use) - Add `ha.acl` on your protected routes - Publish seeder `php artisan vendor:publish --foce --tag ha-auth-seeds` - Run `php artisan db:seed --class=PermissionsTableSeeder` to populate permissions table ### Create roles [](#create-roles) Tinker ``` php artisan tinker factory(Role::class)->create(['name' => 'Name', 'description' => 'Description']) ``` GuzzleHttp ``` $client = new GuzzleHttp\Client(['base_uri' => APP_URL]); $client->post('/api/roles', [ 'headers' => ['Authorization': 'BEARER '.TOKEN], 'json' => [ 'name': 'Name', 'descriptiom': 'Descriptiom', ], ] ``` axios ``` axios.post('/api/auth/login', { email: 'admin@laravelha.com', password: 'password', }); axios.defaults.headers.common['Authorization'] = AUTH_TOKEN; axios.post('/api/auth/roles', { name: 'Name', description: 'Description' }); ``` cUrl ``` curl -X POST "APP_URL/api/auth/login" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"email\": \"admin@laravelha.com\", \"password\": \"password\"}" curl -X POST "APP_URL/api/auth/roles" -H "accept: application/json" -H "Authorization: Bearer TOKEN" -d "{ \"name\": \"Name\", \"description\": \"Description\"}" ``` ### Sync role permissions [](#sync-role-permissions) Tinker ``` php artisan tinker $role = Role::find(ID) $role->permissions->sync([ID_P1, ID_P2, ID_P3..]) ``` GuzzleHttp ``` $client = new GuzzleHttp\Client(['base_uri' => APP_URL]); $client->post('/api/roles', [ 'headers' => ['Authorization': 'BEARER '.TOKEN], 'json' => [ 'permissions': [ID_P1, ID_P2, ID_P3..] ], ] ``` axios ``` axios.post('/api/auth/login', { email: 'admin@laravelha.com', password: 'password', }); axios.defaults.headers.common['Authorization'] = AUTH_TOKEN; axios.put('/api/auth/roles/' + ID, { permissions: [ID_P1, ID_P2, ID_P3..], }); ``` cUrl ``` curl -X POST "APP_URL/api/auth/login" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"email\": \"admin@laravelha.com\", \"password\": \"password\"}" curl -X PUT "APP_URL/api/auth/roles/ID" -H "accept: application/json" -H "Authorization: Bearer TOKEN" -d "{ \"permissions\": \"[ID_P1, ID_P2, ID_P3..]\"}" ``` ### Sync user roles [](#sync-user-roles) Tinker ``` php artisan tinker $user = User::find(ID) $user->roles->sync([ID_R1, ID_R2, ID_R3..]) ``` GuzzleHttp ``` $client = new GuzzleHttp\Client(['base_uri' => APP_URL]); $client->post('/api/users', [ 'headers' => ['Authorization': 'BEARER '.TOKEN], 'json' => [ 'permissions': [ID_R1, ID_R2, ID_R3..] ], ] ``` axios ``` axios.post('/api/auth/login', { email: 'admin@laravelha.com', password: 'password', }); axios.defaults.headers.common['Authorization'] = AUTH_TOKEN; axios.put('/api/auth/users/' + ID, { permissions: [ID_R1, ID_R2, ID_R3..], }); ``` cUrl ``` curl -X POST "APP_URL/api/auth/login" -H "accept: application/json" -H "Content-Type: application/json" -d "{ \"email\": \"admin@laravelha.com\", \"password\": \"password\"}" curl -X PUT "APP_URL/api/auth/users/ID" -H "accept: application/json" -H "Authorization: Bearer TOKEN" -d "{ \"roles\": \"[ID_R1, ID_R2, ID_R3..]\"}" ``` Screenshots ----------- [](#screenshots) [![Swagger](/screenshots/swagger.png)](/screenshots/swagger.png) ### Health Score 23 — LowBetter than 27% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity10 Limited adoption so far Community8 Small or concentrated contributor base Maturity46 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~3 days Total 7 Last Release 2254d ago ### Community Maintainers ![](https://avatars.githubusercontent.com/u/5609896?v=4)[Pedro Augusto](/maintainers/pedroufv)[@pedroufv](https://github.com/pedroufv) --- Top Contributors [![pedroufv](https://avatars.githubusercontent.com/u/5609896?v=4)](https://github.com/pedroufv "pedroufv (31 commits)") --- Tags jwtauthacl ### Code Quality TestsPHPUnit Code StylePHP\_CodeSniffer ### Embed Badge ![Health badge](/badges/laravelha-jwt-auth-acl/health.svg) ``` [![Health](https://phpackages.com/badges/laravelha-jwt-auth-acl/health.svg)](https://phpackages.com/packages/laravelha-jwt-auth-acl) ``` ### Alternatives [tymon/jwt-auth JSON Web Token Authentication for Laravel and Lumen 11.5k49.1M350](/packages/tymon-jwt-auth)[zizaco/entrust This package provides a flexible way to add Role-based Permissions to Laravel. Supports laravel 5|6|7|8 6.0k5.3M61](/packages/zizaco-entrust)[php-open-source-saver/jwt-auth JSON Web Token Authentication for Laravel and Lumen 8359.8M53](/packages/php-open-source-saver-jwt-auth)[codegreencreative/laravel-samlidp Make your PHP Laravel application an Identification Provider using SAML 2.0. This package allows you to implement your own Identification Provider (idP) using the SAML 2.0 standard to be used with supporting SAML 2.0 Service Providers (SP). 263763.5k1](/packages/codegreencreative-laravel-samlidp)[auth0/login Auth0 Laravel SDK. Straight-forward and tested methods for implementing authentication, and accessing Auth0's Management API endpoints. 2745.0M3](/packages/auth0-login)[generationtux/jwt-artisan JWT auth package for Laravel and Lumen 13953.1k](/packages/generationtux-jwt-artisan) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)