PHPackages panchodp/laravel-fingerprint - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Security](/categories/security) 4. / 5. panchodp/laravel-fingerprint ActiveLibrary[Security](/categories/security) panchodp/laravel-fingerprint ============================ Laravel Session theft protection via client fingerprinting — auto-invalidates sessions used from unrecognized devices. 0.1.5(3w ago)14MITPHPPHP ^8.4CI passing Since Apr 6Pushed 3w agoCompare [ Source](https://github.com/PanchoDP/laravel-fingerprint)[ Packagist](https://packagist.org/packages/panchodp/laravel-fingerprint)[ RSS](/packages/panchodp-laravel-fingerprint/feed)WikiDiscussions master Synced 1w ago READMEChangelogDependencies (8)Versions (7)Used By (0) [![Logo for Laravel Fingerprint Package](art/Laravel-Fingerprint.webp)](art/Laravel-Fingerprint.webp) Laravel Fingerprint =================== [](#laravel-fingerprint) [![PHP](https://camo.githubusercontent.com/80c4564163cef31b2a66baaeb95a5bf4a418bcb5242a5ae707b94c2f4811e742/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048502d382e342532422d626c7565)](https://camo.githubusercontent.com/80c4564163cef31b2a66baaeb95a5bf4a418bcb5242a5ae707b94c2f4811e742/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048502d382e342532422d626c7565)[![Total Downloads](https://camo.githubusercontent.com/f54fd987552c5919d47b5fb16bcc8a2b55a515c6c0ca27f7c54921fffd91b486/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f64742f70616e63686f64702f6c61726176656c2d66696e6765727072696e74)](https://packagist.org/packages/panchodp/laravel-fingerprint)[![Latest Stable Version](https://camo.githubusercontent.com/bcab77a74b61012c8f969b6e069acc4a4676dfae9edbce7a6de42527ebc1f929/68747470733a2f2f696d672e736869656c64732e696f2f7061636b61676973742f762f70616e63686f64702f6c61726176656c2d66696e6765727072696e742e737667)](https://packagist.org/packages/panchodp/laravel-fingerprint)[![License](https://camo.githubusercontent.com/5caa455d8debc46fb23abbadb45a733a937f3910a73fc875c2f7820468e1bb54/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4c6963656e73652d4d49542d677265656e)](https://camo.githubusercontent.com/5caa455d8debc46fb23abbadb45a733a937f3910a73fc875c2f7820468e1bb54/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4c6963656e73652d4d49542d677265656e)[![Tests](https://github.com/PanchoDP/laravel-fingerprint/actions/workflows/tests.yml/badge.svg)](https://github.com/PanchoDP/laravel-fingerprint/actions/workflows/tests.yml) Protects against session hijacking by generating a fingerprint from the client's request headers. If the fingerprint changes mid-session, the session is invalidated and the user is redirected. Requirements ------------ [](#requirements) - PHP ^8.4 - Laravel 12 or 13 Installation ------------ [](#installation) ``` composer require panchodp/laravel-fingerprint ``` Usage ----- [](#usage) Add the `fingerprint` middleware to the routes you want to protect: ``` Route::middleware(['auth', 'fingerprint'])->group(function () { // protected routes }); ``` Or enable it globally for all `web` routes via the `LARAVEL_FINGERPRINT_GLOBAL=true` environment variable (see [Configuration](#configuration)). On the first request, the fingerprint is stored in the session. On subsequent requests, it is compared — if it doesn't match, the session is invalidated and the user is redirected. Configuration ------------- [](#configuration) Publish the config file: ``` php artisan vendor:publish --tag=laravel-fingerprint-config ``` Available options in `config/laravel_fingerprint.php`: KeyEnv variableDefaultDescription`enabled``LARAVEL_FINGERPRINT_ENABLED``true`Enable or disable the package`include_ip``LARAVEL_FINGERPRINT_INCLUDE_IP``false`Include the client IP in the fingerprint (not recommended for mobile/dynamic IPs)`redirect_route``LARAVEL_FINGERPRINT_REDIRECT_ROUTE``login`Named route to redirect to when the fingerprint doesn't match`global``LARAVEL_FINGERPRINT_GLOBAL``false`Apply the middleware automatically to all routes in the `web` middleware groupHow it works ------------ [](#how-it-works) The fingerprint is a SHA-256 hash of: ``` UserAgent | Accept-Language | Accept-Encoding [ | IP ] ``` If a session cookie is stolen and used from a different device or browser, the fingerprint won't match and the session will be invalidated. License ------- [](#license) The MIT License (MIT). Please see [License File](LICENSE.md) for more information. ### Health Score 39 — LowBetter than 84% of packages Maintenance94 Actively maintained with recent releases Popularity5 Limited adoption so far Community6 Small or concentrated contributor base Maturity45 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~7 days Total 6 Last Release 27d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/fbd7042f63f458531364245f5985884dea96cc46d2b7844d5dd8c0bcad61f8e8?d=identicon)[Francisco de Pablo](/maintainers/Francisco%20de%20Pablo) --- Top Contributors [![PanchoDP](https://avatars.githubusercontent.com/u/68023592?v=4)](https://github.com/PanchoDP "PanchoDP (12 commits)") --- Tags phplaravelsecurityFingerprint ### Code Quality TestsPest Static AnalysisPHPStan, Rector Code StyleLaravel Pint ### Embed Badge ![Health badge](/badges/panchodp-laravel-fingerprint/health.svg) ``` [![Health](https://phpackages.com/badges/panchodp-laravel-fingerprint/health.svg)](https://phpackages.com/packages/panchodp-laravel-fingerprint) ``` ### Alternatives [psalm/plugin-laravel Psalm plugin for Laravel 3325.1M337](/packages/psalm-plugin-laravel)[larastan/larastan Larastan - Discover bugs in your code without running it. A phpstan/phpstan extension for Laravel 6.4k51.0M7.4k](/packages/larastan-larastan)[laravel/mcp Rapidly build MCP servers for your Laravel applications. 76318.2M110](/packages/laravel-mcp)[api-platform/laravel API Platform support for Laravel 59156.3k10](/packages/api-platform-laravel)[calebdw/larastan Larastan - Discover bugs in your code without running it. A phpstan/phpstan extension for Laravel 15104.9k4](/packages/calebdw-larastan) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)