PHPackages planetadeleste/oc-jwtauth-plugin - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. planetadeleste/oc-jwtauth-plugin ActiveOctober-plugin[Authentication & Authorization](/categories/authentication) planetadeleste/oc-jwtauth-plugin ================================ JSON Web Token Authentication plugin for OctoberCMS with Lovata.Buddies 1.3.5(5y ago)039GPL-3.0-or-laterPHPPHP >=7.2 Since Aug 18Pushed 5y agoCompare [ Source](https://github.com/planetadeleste/oc-jwtauth-plugin)[ Packagist](https://packagist.org/packages/planetadeleste/oc-jwtauth-plugin)[ Docs](http://www.luders.com.br)[ RSS](/packages/planetadeleste-oc-jwtauth-plugin/feed)WikiDiscussions main Synced today READMEChangelog (1)Dependencies (1)Versions (11)Used By (0) [![](https://camo.githubusercontent.com/6da41f4c7f0de845a83c1058f2668b877416144815933458effe2029bc6d801d/68747470733a2f2f6f63746f626572636d732e636f6d2f73746f726167652f6170702f75706c6f6164732f7075626c69632f3538622f3861362f3062352f353862386136306235303133333733373937383530312e706e67)](https://camo.githubusercontent.com/6da41f4c7f0de845a83c1058f2668b877416144815933458effe2029bc6d801d/68747470733a2f2f6f63746f626572636d732e636f6d2f73746f726167652f6170702f75706c6f6164732f7075626c69632f3538622f3861362f3062352f353862386136306235303133333733373937383530312e706e67) [ ![](https://camo.githubusercontent.com/9e83d359f238ed990455526d7e3175dd4d9d4a920f9f8516495293538c0ee572/68747470733a2f2f7472617669732d63692e6f72672f706c616e65746164656c657374652f6f632d6a7774617574682d706c7567696e2e7376673f6272616e63683d6d61696e) ](https://travis-ci.org/planetadeleste/oc-jwtauth-plugin) [ ![](https://camo.githubusercontent.com/ac2705a6df23fb17e00cd37496972682e4bcc9f16cc44343117d438bc8e0f44c/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4f63746f626572434d532d506c7567696e2d2532334545373230332e737667) ](https://octobercms.com/plugin/planetadeleste-jwtauth) [ ![](https://camo.githubusercontent.com/604e3db9c8751116b3f765aad0353ec7ded655bbe8aaacbc38d8c4a6b784b3ed/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f446f6e6174652d50617950616c2d677265656e2e737667) ](https://www.paypal.com/cgi-bin/webscr?cmd=_s-xclick&hosted_button_id=2FHDXT4QTD7RA&source=url) [ ![](https://camo.githubusercontent.com/295f0bbb7af47f71720a44cd4d2c40c72eed8d2e9b302dea081b8cb78d13fba3/68747470733a2f2f696d672e736869656c64732e696f2f6769746875622f6c6963656e73652f706c616e65746164656c657374652f6f632d6a7774617574682d706c7567696e2e737667) ](https://www.gnu.org/licenses/gpl-3.0.en.html) [![Known Vulnerabilities](https://camo.githubusercontent.com/788cb26f988ee6e4930c7c871e7b60b9ee50841cffd0a570af91436c3621fead/68747470733a2f2f736e796b2e696f2f2f746573742f6769746875622f706c616e65746164656c657374652f6f632d6a7774617574682d706c7567696e2f62616467652e7376673f74617267657446696c653d636f6d706f7365722e6c6f636b)](https://snyk.io//test/github/planetadeleste/oc-jwtauth-plugin?targetFile=composer.lock) Introduction ============ [](#introduction) > This plugin is a fork of [rluders/oc-jwtauth-plugin](https://github.com/rluders/oc-jwtauth-plugin), adapted to be used with [Lovata.Buddies](https://github.com/oc-shopaholic/oc-buddies-plugin) plugin instead of RainLab.Users This plugin provides a JSON Web Tokens authentication mechanism for [OctoberCMS](http://www.octobercms.com) integrated with Lovata.Buddies. It's essential for your web application built with Angular, Vue.js, React or other modern Javascript frameworks. Requirements ------------ [](#requirements) - [Lovata.Buddies](https://github.com/oc-shopaholic/oc-buddies-plugin) plugin - [RLuders.CORS](https://octobercms.com/plugin/rluders-cors) plugin (optional, but recommended) Theme ----- [](#theme) - [Angular Skeleton](https://octobercms.com/theme/rluders-angular2) Tutorials --------- [](#tutorials) - [Creating Vue, Vuex and OctoberCMS APP - Login and Register](https://www.youtube.com/watch?v=8S3DySmMOuk) by [Watch and Learn](https://www.youtube.com/channel/UCXQC_GB5hG6PkzIhSMZ-hWA) Installation ============ [](#installation) Yes, you can install it from the repository (but I'll not provide a documentation for that - in this case I'll assume that you know what you are doing). I strongly recommend that you install it from [product page](https://octobercms.com/plugin/rluders-jwtauth) inside the OctoberCMS Marketplace. Configuration ============= [](#configuration) You must set a secret token for your application. Do do it, on October's Backend access: *Settings > Users > JWTAuth* Usage ===== [](#usage) Here's the list of available endpoints for this plugin. > If you are using [**Postman**](https://www.getpostman.com/), you can [click here to import the collection](https://www.getpostman.com/collections/5667c055f6f81ff3f821) with all the calls that you need to test it. Login ----- [](#login) `POST /api/auth/login` **Route name** `api.auth.login` ### Parameters [](#parameters) NameTypeRequiredDescriptionloginstringYesAccount login attributepasswordstringYesAccount password> The field `login` value can be the account `email` or `username`. You can select it on `RainLab.User` configuration what field should be used for login. ### Responses [](#responses) **SUCCESS** > Code: 200 ``` { token: (string), user: (object) } ``` **ERROR** > Code: 401 ``` { error: (invalid_credentials|could_not_create_token|user_inactive|user_is_banned) } ``` Register -------- [](#register) `POST /api/auth/register` **Route name** `api.auth.register` ### Parameters [](#parameters-1) NameTypeRequiredDescriptionusernamestringNoAccount usernameemailstringYesAccount emailpasswordstringYesAccount passwordpassword\_confirmationstringNoConfirm the new password> The field `username` can be **required**. It depends of your `RainLab.User` configuration. ### Responses [](#responses-1) **SUCCESS** > Code: 201 ``` [] ``` **ERROR** > Code: 401 ``` { error: (object|registration_disabled) } ``` ### Supported events [](#supported-events) - `rainlab.user.beforeRegister` - `rainlab.user.register` Account Activation ------------------ [](#account-activation) `POST /api/auth/account-activation` **Route name** `api.auth.account-activation` ### Parameters [](#parameters-2) NameTypeRequiredDescriptionactivation\_codestringYesAccount activation code### Responses [](#responses-2) **SUCCESS** > Code: 200 ``` [] ``` **ERROR** > Code: 422 ``` { error: (invalid_activation_code|invalid_user|user_not_found) } ``` Forgot Password --------------- [](#forgot-password) `POST /api/auth/forgot-password` **Route name** `api.auth.forgot-password` ### Parameters [](#parameters-3) NameTypeRequiredDescriptionemailstringYesAccount email### Responses [](#responses-3) **SUCCESS** > Code: 200 ``` [] ``` **ERROR** > Code: 404 ``` { error: (user_not_found) } ``` Reset Password -------------- [](#reset-password) `POST /api/auth/reset-password` **Route name** `api.auth.reset-password` ### Parameters [](#parameters-4) NameTypeRequiredDescriptionreset\_password\_codestringYesReset password codepasswordstringYesAccount new passwordpassword\_confirmationstringNoConfirm the new password### Responses [](#responses-4) **SUCCESS** > Code: 200 ``` [] ``` **ERROR** > Code: 422 ``` { error: (invalid_reset_password_code|invalid_user|invalid_reset_password_code) } ``` Refresh Token ------------- [](#refresh-token) `POST /api/auth/refresh-token` **Route name** `auth.api.refresh-token` ### Parameters [](#parameters-5) NameTypeRequiredDescriptiontokenstringYesValid user JWToken### Responses [](#responses-5) **SUCCESS** > Code: 200 ``` { token: (string) } ``` **ERROR** > Code: 403 ``` { error: (could_not_refresh_token|given_token_was_blacklisted) } ``` Get User -------- [](#get-user) `GET /api/auth/me` **Middleware** `jwt.auth` **Route name** `api.auth.me` ### Parameters [](#parameters-6) NameTypeRequiredDescriptiontokenstringYesValid token### Responses [](#responses-6) **SUCCESS** > Code: 200 ``` { user: (object) } ``` **ERROR** > Code: 404 ``` { error: (user_not_found) } ``` Known issues ============ [](#known-issues) Beside the fact that I'm always trying to solve the possible issues, bad things could happen. Here, an list of possible issues and how to fix it. Note to Apache users -------------------- [](#note-to-apache-users) In order to use the authorization Bearer Token you must add the following code to your `.httaccess` ``` RewriteEngine On RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule .* - [e=HTTP_AUTHORIZATION:%1] ``` License ======= [](#license) GPLv3 ### Health Score 28 — LowBetter than 54% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity7 Limited adoption so far Community13 Small or concentrated contributor base Maturity63 Established project with proven stability Bus Factor1 Top contributor holds 57.9% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~110 days Recently: every ~196 days Total 10 Last Release 1828d ago PHP version history (2 changes)v1.2.2PHP >=7.0 1.3.4PHP >=7.2 ### Community Maintainers ![](https://www.gravatar.com/avatar/77cc25e054eed4e6a541926059e4993906ec19126bd23e691906b6f32264a074?d=identicon)[planetadeleste](/maintainers/planetadeleste) --- Top Contributors [![rluders](https://avatars.githubusercontent.com/u/191027?v=4)](https://github.com/rluders "rluders (22 commits)")[![alvaro-canepa](https://avatars.githubusercontent.com/u/5142298?v=4)](https://github.com/alvaro-canepa "alvaro-canepa (5 commits)")[![khorashadi666](https://avatars.githubusercontent.com/u/43370342?v=4)](https://github.com/khorashadi666 "khorashadi666 (4 commits)")[![cch504](https://avatars.githubusercontent.com/u/30062429?v=4)](https://github.com/cch504 "cch504 (2 commits)")[![omid-mamandi](https://avatars.githubusercontent.com/u/109524457?v=4)](https://github.com/omid-mamandi "omid-mamandi (1 commits)")[![vittoboa](https://avatars.githubusercontent.com/u/38300176?v=4)](https://github.com/vittoboa "vittoboa (1 commits)")[![anotterdev](https://avatars.githubusercontent.com/u/18031711?v=4)](https://github.com/anotterdev "anotterdev (1 commits)")[![boxybird](https://avatars.githubusercontent.com/u/18317878?v=4)](https://github.com/boxybird "boxybird (1 commits)")[![Dinver](https://avatars.githubusercontent.com/u/36528841?v=4)](https://github.com/Dinver "Dinver (1 commits)") --- Tags jwtapiAuthenticationJSON Web Tokencmsoctoberoctobercms ### Embed Badge ![Health badge](/badges/planetadeleste-oc-jwtauth-plugin/health.svg) ``` [![Health](https://phpackages.com/badges/planetadeleste-oc-jwtauth-plugin/health.svg)](https://phpackages.com/packages/planetadeleste-oc-jwtauth-plugin) ``` ### Alternatives [auth0/auth0-php PHP SDK for Auth0 Authentication and Management APIs. 40820.2M66](/packages/auth0-auth0-php)[auth0/login Auth0 Laravel SDK. Straight-forward and tested methods for implementing authentication, and accessing Auth0's Management API endpoints. 2745.0M3](/packages/auth0-login)[auth0/symfony Symfony SDK for Auth0 Authentication and Management APIs. 128738.1k](/packages/auth0-symfony)[auth0/wordpress WordPress Plugin for Auth0 17419.5k](/packages/auth0-wordpress)[benbjurstrom/cognito-jwt-guard A laravel auth guard for JSON Web Tokens issued by Amazon AWS Cognito 1113.1k](/packages/benbjurstrom-cognito-jwt-guard) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)