PHPackages                             patrikjak/auth - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. patrikjak/auth

ActiveLibrary[Authentication &amp; Authorization](/categories/authentication)

patrikjak/auth
==============

Simple auth package for laravel apps

v2.0.1(2mo ago)07401MITPHPPHP ^8.4CI passing

Since Dec 26Pushed 2mo ago1 watchersCompare

[ Source](https://github.com/patrikjak/auth)[ Packagist](https://packagist.org/packages/patrikjak/auth)[ RSS](/packages/patrikjak-auth/feed)WikiDiscussions main Synced 2d ago

READMEChangelog (10)Dependencies (27)Versions (14)Used By (1)

Auth
====

[](#auth)

[![codecov](https://camo.githubusercontent.com/48ff2d9f904014bdea8eee3c924327630b7e7aeb23ef6163a2bce033650d65ab/68747470733a2f2f636f6465636f762e696f2f67682f70617472696b6a616b2f617574682f67726170682f62616467652e7376673f746f6b656e3d41313342354639464d5a)](https://codecov.io/gh/patrikjak/auth)

Simple auth package for Laravel apps. Requires `patrikjak/utils`.

Installation
------------

[](#installation)

```
composer require patrikjak/auth
```

Setup
-----

[](#setup)

Register both service providers in `bootstrap/providers.php`:

```
use Patrikjak\Auth\AuthServiceProvider;
use Patrikjak\Utils\UtilsServiceProvider;

return [
    // ...
    UtilsServiceProvider::class,
    AuthServiceProvider::class,
];
```

Run the install command to publish all assets, config, migrations, and translations, remove default Laravel auth migrations, run fresh migrations, and seed default roles:

```
php artisan install:pjauth
```

Or publish individually:

```
php artisan vendor:publish --tag="pjauth-assets" --force
php artisan vendor:publish --tag="pjauth-config"
php artisan vendor:publish --tag="pjauth-migrations" --force
php artisan vendor:publish --tag="pjauth-translations" --force
php artisan vendor:publish --tag="pjauth-views" --force   # optional
```

To keep config up to date on every `composer update`, add to your `composer.json`:

```
"scripts": {
    "post-update-cmd": [
        "@php artisan vendor:publish --tag=pjauth-config --force"
    ]
}
```

> Laravel cannot merge multidimensional arrays in config files, so the config must be re-published after updates.

Configuration
-------------

[](#configuration)

All options live in `config/pjauth.php`.

### Custom User model

[](#custom-user-model)

```
AUTH_MODEL=App\Models\User
```

Default is `Patrikjak\Auth\Models\User`.

### Custom repository

[](#custom-repository)

```
// config/pjauth.php
'repositories' => [
    'user' => \App\Repositories\UserRepository::class,
],
```

The custom implementation must implement `Patrikjak\Auth\Repositories\Interfaces\UserRepository`.

### Redirects

[](#redirects)

```
'redirect_after_login'  => env('REDIRECT_AFTER_LOGIN', '/dashboard'),
'redirect_after_logout' => env('REDIRECT_AFTER_LOGOUT', '/'),
```

### Feature flags

[](#feature-flags)

All features are enabled by default except `register_via_invitation`:

```
'features' => [
    'register'                => true,
    'login'                   => true,
    'password_reset'          => true,
    'change_password'         => true,
    'register_via_invitation' => false,
],
```

Routes are only registered when their respective feature is enabled.

Routes
------

[](#routes)

Web routes use `['web', 'guest']` middleware. API routes use `['web', 'guest']` for unauthenticated endpoints and `['web', 'auth']` for authenticated ones.

### Middleware

[](#middleware)

Use `VerifyRole` to protect routes by role:

```
use Patrikjak\Auth\Http\Middlewares\VerifyRole;

Route::middleware(['web', 'auth', VerifyRole::withRole('admin')]);
```

Super admins pass all role checks.

Roles
-----

[](#roles)

Default roles are defined in `config/pjauth.php` under `default_roles`. Use `pjauth:sync-roles` to seed them — see [Artisan Commands](#artisan-commands).

Artisan Commands
----------------

[](#artisan-commands)

### Sync roles

[](#sync-roles)

```
php artisan pjauth:sync-roles
```

Seeds roles from `pjauth.default_roles` config into the database (uses `firstOrCreate` — safe to re-run).

### Create users interactively

[](#create-users-interactively)

```
php artisan pjauth:create-users
```

Prompts for name, email, password, and role. Loops until you decline to add another user.

### Send register invite

[](#send-register-invite)

```
php artisan pjauth:send-invite user@example.com
# or pass a role ID directly:
php artisan pjauth:send-invite user@example.com --role=
```

If `--role` is not provided, available roles are listed and you are prompted to choose.

Socialite (Google)
------------------

[](#socialite-google)

Enable in config (enabled by default) and add credentials:

```
GOOGLE_CLIENT_ID=
GOOGLE_CLIENT_SECRET=
```

Add to `config/services.php`:

```
'google' => [
    'client_id'     => env('GOOGLE_CLIENT_ID'),
    'client_secret' => env('GOOGLE_CLIENT_SECRET'),
    'redirect'      => sprintf('%s/auth/google/callback', env('APP_URL')),
],
```

Register via Invitation
-----------------------

[](#register-via-invitation)

Enable the feature flag:

```
'features' => [
    'register_via_invitation' => true,
],
```

When enabled, the invitation routes are registered. Google social login on the login screen remains available so existing users can still sign in via Google — only the "sign up with Google" button on the register screen is hidden, and Google OAuth cannot be used to create a new account.

Send an invite from the command line — see [Artisan Commands](#artisan-commands).

The invite email contains a tokenised link to `GET /register/{token}?email=...`. On submission it calls `POST /api/invite/register`.

Change Password
---------------

[](#change-password)

Enable the feature flag (enabled by default):

```
'features' => [
    'change_password' => true,
],
```

Call the authenticated endpoint:

```
PATCH api/change-password

```

Request body:

```
{
    "current_password": "current_password",
    "password": "new_password",
    "password_confirmation": "new_password"
}
```

Old password validation is on by default. To skip it (e.g. admin resetting another user's password):

```
{
    "password": "new_password",
    "password_confirmation": "new_password",
    "validate_current_password": false
}
```

reCAPTCHA
---------

[](#recaptcha)

Enabled by default on register, login, and password reset API endpoints. Disable globally:

```
'recaptcha' => [
    'enabled' => false,
],
```

Or provide the keys:

```
RECAPTCHA_SITE_KEY=
RECAPTCHA_SECRET_KEY=
```

###  Health Score

47

—

FairBetter than 93% of packages

Maintenance87

Actively maintained with recent releases

Popularity16

Limited adoption so far

Community11

Small or concentrated contributor base

Maturity63

Established project with proven stability

 Bus Factor1

Top contributor holds 100% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~49 days

Recently: every ~97 days

Total

11

Last Release

62d ago

Major Versions

v1.5.0 → v2.0.02026-05-02

PHP version history (2 changes)1.0.0PHP ^8.3

1.1.0PHP ^8.4

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/49360467?v=4)[Patrik Jakab](/maintainers/patrikjak)[@patrikjak](https://github.com/patrikjak)

---

Top Contributors

[![patrikjak](https://avatars.githubusercontent.com/u/49360467?v=4)](https://github.com/patrikjak "patrikjak (23 commits)")

---

Tags

packagelaravelauth

###  Code Quality

TestsPHPUnit

Static AnalysisPHPStan

Type Coverage Yes

### Embed Badge

![Health badge](/badges/patrikjak-auth/health.svg)

```
[![Health](https://phpackages.com/badges/patrikjak-auth/health.svg)](https://phpackages.com/packages/patrikjak-auth)
```

###  Alternatives

[unopim/unopim

UnoPim Laravel PIM

10.5k2.4k](/packages/unopim-unopim)[bagisto/bagisto

Bagisto Laravel E-Commerce

27.6k172.1k9](/packages/bagisto-bagisto)[lab404/laravel-impersonate

Laravel Impersonate is a plugin that allows to you to authenticate as your users.

2.3k18.6M64](/packages/lab404-laravel-impersonate)[nasirkhan/laravel-starter

A CMS like modular Laravel starter project.

1.4k2.7k](/packages/nasirkhan-laravel-starter)[lakm/nopass

Provides passwordless authentication for your laravel projects.

2215.9k3](/packages/lakm-nopass)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
