PHPackages lcharette/laravel-auth-api - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. lcharette/laravel-auth-api ActivePackages[Authentication & Authorization](/categories/authentication) lcharette/laravel-auth-api ========================== Basic auth API routes for Single Page Application. 0.0.1(5y ago)052MITPHPPHP ^7.3|^8.0 Since Apr 4Pushed 5y ago1 watchersCompare [ Source](https://github.com/lcharette/Laravel-Auth-API)[ Packagist](https://packagist.org/packages/lcharette/laravel-auth-api)[ RSS](/packages/lcharette-laravel-auth-api/feed)WikiDiscussions main Synced yesterday READMEChangelog (1)Dependencies (5)Versions (3)Used By (0) Laravel Auth API ================ [](#laravel-auth-api) [![](https://camo.githubusercontent.com/845653cfbe33e777806d481dfb6c575881ccc92ce5ea53738e5ffbb3aa117926/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f72656c656173652f6c63686172657474652f4c61726176656c2d417574682d4150492e737667)](https://github.com/lcharette/Laravel-Auth-API/releases) BranchBuildCoverageStyle[main](https://github.com/lcharette/Laravel-Auth-API)[![](https://github.com/lcharette/Laravel-Auth-API/workflows/Build/badge.svg?branch=main)](https://github.com/lcharette/Laravel-Auth-API/actions?query=workflow%3ABuild)[![](https://camo.githubusercontent.com/024b52084ec0b84bbef591e9274d753bff90e7d27afdaa5709874fbc74e298bd/68747470733a2f2f636f6465636f762e696f2f67682f6c63686172657474652f4c61726176656c2d417574682d4150492f6272616e63682f6d61696e2f67726170682f62616467652e7376673f746f6b656e3d335a48514433394b4b36)](https://codecov.io/gh/lcharette/Laravel-Auth-API)[![](https://github.com/lcharette/Laravel-Auth-API/workflows/Style%20CI/badge.svg?branch=main)](https://github.com/lcharette/Laravel-Auth-API/actions?query=workflow%3A%22Style+CI%22)Basic reusable auth API routes for Laravel based SPA application. No UI is provided with this package, except the one require for email validation and password recovery. This is meant to be the starting point for your Vue (or similar) based frontend. **This is still a work in progress and might not be used for production yet** Usage ----- [](#usage) ### Setup [](#setup) ``` composer require lcharette/laravel-auth-api ``` Next, you'll need to update your User model so it implemen `Tymon\JWTAuth\Contracts\JWTSubject`. The `Lcharette\AuthApi\Auth\isJWTSubject` trait can be used to add the required methods. For example : ``` class User extends Authenticatable implements JWTSubject { use Notifiable, SoftDeletes, HasFactory, isJWTSubject; ... } ``` ### Available Routes [](#available-routes) Once installed, this packages adds the following routes to you Laravel app : MethodRouteDescriptionRequired DataPOST`/api/register`Post to this route to register a new user.`username`, `email`, `password`, `password_confirm`POST`/api/login`Perform login and return auth token.`email`, `password`POST`/api/logout`Perform logout action and invalidade current token.POST`/api/refresh`Refresh current token and returns new one.GET`/api/user`Return the current user information inside `data` key.All routes will return a `200` status with json string if successfull. Any error will returns as a `400` error code with the error detail inside the json response. A `403` (forbidden) status code will be returned if the route is accessed without a valid token (except for login and register routes). ### Limiting Other Routes [](#limiting-other-routes) If you want to limit routes from your app to only "logged in" user, that is users that provides a valid token, you can add the `Lcharette\AuthApi\Http\Middleware\RequireAuth` middleware to any route or group of route. For example, this will make `/list` returns a `403` error if a valid token is not passed with the request : ``` Route::middleware([RequireAuth::class, 'api'])->group(function () { Route::get('/lists', [ListController::class, 'index']); }); ``` Alternatively, the `Lcharette\AuthApi\Http\Middleware\RequireGuest` middleware can be used if the route required the user **not** to be logged in. ### Posting Token from Axios (Vue.js) [](#posting-token-from-axios-vuejs) Token can be retreived from the login response and set as default header for future axios request. Just be sure to removed the token on logout or 401 error. ``` axios.post("/api/login", { email, password }) .then(resp => { axios.defaults.headers.common['Authorization'] = 'Bearer ' + resp.data.access_token }) .catch(err => { localStorage.removeItem("access_token"); }); ``` TODO ---- [](#todo) - Revoke token - Update profile - Update password - Two Factor - Password reset - Email confirmation - Custom user Trait / Interface - Add more customisabilisation License ------- [](#license) This package is open-sourced under the [MIT license](https://opensource.org/licenses/MIT). ### Health Score 23 — LowBetter than 27% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity8 Limited adoption so far Community7 Small or concentrated contributor base Maturity48 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Unknown Total 1 Last Release 1864d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/a58517f6c9aea65a660cb28e0fe5e3139696c6d5a7c96f91576aff0f0267c750?d=identicon)[lcharette](/maintainers/lcharette) --- Top Contributors [![lcharette](https://avatars.githubusercontent.com/u/2566513?v=4)](https://github.com/lcharette "lcharette (14 commits)") ### Code Quality TestsPHPUnit Code StylePHP CS Fixer ### Embed Badge ![Health badge](/badges/lcharette-laravel-auth-api/health.svg) ``` [![Health](https://phpackages.com/badges/lcharette-laravel-auth-api/health.svg)](https://phpackages.com/packages/lcharette-laravel-auth-api) ``` ### Alternatives [lab404/laravel-impersonate Laravel Impersonate is a plugin that allows to you to authenticate as your users. 2.3k16.4M48](/packages/lab404-laravel-impersonate)[santigarcor/laratrust This package provides a flexible way to add Role-based Permissions to Laravel 2.3k5.4M43](/packages/santigarcor-laratrust)[overtrue/laravel-follow User follow unfollow system for Laravel. 1.2k404.7k5](/packages/overtrue-laravel-follow)[rickycezar/laravel-jwt-impersonate Laravel Impersonate is a plugin that allows to you to authenticate as your users. 24117.6k](/packages/rickycezar-laravel-jwt-impersonate) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)