PHPackages samfrm/lumen-passport - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. samfrm/lumen-passport ActiveLibrary samfrm/lumen-passport ===================== Making Laravel Passport work with Lumen v0.1.1(4y ago)275011MITPHPPHP >=8.0 Since Mar 16Pushed 4y ago1 watchersCompare [ Source](https://github.com/samfrm/lumen-passport)[ Packagist](https://packagist.org/packages/samfrm/lumen-passport)[ Docs](https://github.com/samfrm/lumen-passport)[ RSS](/packages/samfrm-lumen-passport/feed)WikiDiscussions main Synced 1mo ago READMEChangelog (2)Dependencies (5)Versions (3)Used By (1) lumen-passport ============== [](#lumen-passport) A fork from: [lumen-passport](https://github.com/dusterio/lumen-passport) for Lumen > 9.x Making Laravel Passport work with Lumen A simple service provider that makes Laravel Passport work with Lumen Dependencies ------------ [](#dependencies) - PHP >= 8.0 - Lumen >= 9.0 Installation via Composer ------------------------- [](#installation-via-composer) First install Lumen if you don't have it yet: ``` $ composer create-project --prefer-dist laravel/lumen lumen-app ``` Then install Lumen Passport (it will fetch Laravel Passport along): ``` $ cd lumen-app $ composer require samfrm/lumen-passport ``` Or if you prefer, edit `composer.json` manually: ``` { "require": { "samfrm/lumen-passport": "^0.1" } } ``` ### Modify the bootstrap flow (`bootstrap/app.php` file) [](#modify-the-bootstrap-flow-bootstrapappphp-file) We need to enable both Laravel Passport provider and Lumen-specific provider: ``` // Enable Facades $app->withFacades(); // Enable Eloquent $app->withEloquent(); // Enable auth middleware (shipped with Lumen) $app->routeMiddleware([ 'auth' => App\Http\Middleware\Authenticate::class, ]); // Finally register two service providers - original one and Lumen adapter $app->register(Laravel\Passport\PassportServiceProvider::class); $app->register(Samfrm\LumenPassport\PassportServiceProvider::class); ``` ### Using with Laravel Passport 7.3.2 and newer [](#using-with-laravel-passport-732-and-newer) Laravel Passport 7.3.2 had a breaking change - new method introduced on Application class that exists in Laravel but not in Lumen. You could either lock in to an older version or swap the Application class like follows at the top of your `bootstrap/app.php` file: ``` $app = new \Samfrm\LumenPassport\Lumen7Application( dirname(__DIR__) ); ``` If you look inside this class - all it does is adding an extra method configurationIsCached() that always returns false. ### Migrate and install Laravel Passport [](#migrate-and-install-laravel-passport) ``` # Create new tables for Passport php artisan migrate # Install encryption keys and other necessary stuff for Passport php artisan passport:install ``` ### Installed routes [](#installed-routes) This package mounts the following routes after you call routes() method (see instructions below): VerbPathNamedRouteControllerActionMiddlewarePOST/oauth/token\\Laravel\\Passport\\Http\\Controllers\\AccessTokenControllerissueToken-GET/oauth/tokens\\Laravel\\Passport\\Http\\Controllers\\AuthorizedAccessTokenControllerforUserauthDELETE/oauth/tokens/{token\_id}\\Laravel\\Passport\\Http\\Controllers\\AuthorizedAccessTokenControllerdestroyauthPOST/oauth/token/refresh\\Laravel\\Passport\\Http\\Controllers\\TransientTokenControllerrefreshauthGET/oauth/clients\\Laravel\\Passport\\Http\\Controllers\\ClientControllerforUserauthPOST/oauth/clients\\Laravel\\Passport\\Http\\Controllers\\ClientControllerstoreauthPUT/oauth/clients/{client\_id}\\Laravel\\Passport\\Http\\Controllers\\ClientControllerupdateauthDELETE/oauth/clients/{client\_id}\\Laravel\\Passport\\Http\\Controllers\\ClientControllerdestroyauthGET/oauth/scopes\\Laravel\\Passport\\Http\\Controllers\\ScopeControllerallauthGET/oauth/personal-access-tokens\\Laravel\\Passport\\Http\\Controllers\\PersonalAccessTokenControllerforUserauthPOST/oauth/personal-access-tokens\\Laravel\\Passport\\Http\\Controllers\\PersonalAccessTokenControllerstoreauthDELETE/oauth/personal-access-tokens/{token\_id}\\Laravel\\Passport\\Http\\Controllers\\PersonalAccessTokenControllerdestroyauthPlease note that some of the Laravel Passport's routes had to 'go away' because they are web-related and rely on sessions (eg. authorise pages). Lumen is an API framework so only API-related routes are present. Configuration ------------- [](#configuration) Edit config/auth.php to suit your needs. A simple example: ``` return [ 'defaults' => [ 'guard' => 'api', 'passwords' => 'users', ], 'guards' => [ 'api' => [ 'driver' => 'passport', 'provider' => 'users', ], ], 'providers' => [ 'users' => [ 'driver' => 'eloquent', 'model' => \App\User::class ] ] ]; ``` Load the config in `bootstrap/app.php` since Lumen doesn't load config files automatically: ``` $app->configure('auth'); ``` Registering Routes ------------------ [](#registering-routes) Next, you should call the LumenPassport::routes method within the boot method of your application (one of your service providers). This method will register the routes necessary to issue access tokens and revoke access tokens, clients, and personal access tokens: ``` \Samfrm\LumenPassport\LumenPassport::routes($this->app); ``` You can add that into an existing group, or add use this route registrar independently like so; ``` \Samfrm\LumenPassport\LumenPassport::routes($this->app, ['prefix' => 'v1/oauth']); ``` User model ---------- [](#user-model) Make sure your user model uses Passport's `HasApiTokens` trait, eg.: ``` class User extends Model implements AuthenticatableContract, AuthorizableContract { use HasApiTokens, Authenticatable, Authorizable; /* rest of the model */ } ``` Extra features -------------- [](#extra-features) There are a couple of extra features that aren't present in Laravel Passport ### Allowing multiple tokens per client [](#allowing-multiple-tokens-per-client) Sometimes it's handy to allow multiple access tokens per password grant client. Eg. user logs in from several browsers simultaneously. Currently Laravel Passport does not allow that. ``` use Samfrm\LumenPassport\LumenPassport; // Somewhere in your application service provider or bootstrap process LumenPassport::allowMultipleTokens(); ``` ### Different TTLs for different password clients [](#different-ttls-for-different-password-clients) Laravel Passport allows to set one global TTL for access tokens, but it may be useful sometimes to set different TTLs for different clients (eg. mobile users get more time than desktop users). Simply do the following in your service provider: ``` // Second parameter is the client Id LumenPassport::tokensExpireIn(Carbon::now()->addYears(50), 2); ``` If you don't specify client Id, it will simply fall back to Laravel Passport implementation. ### Console command for purging expired tokens [](#console-command-for-purging-expired-tokens) Simply run `php artisan passport:purge` to remove expired refresh tokens and their corresponding access tokens from the database. Running with Apache httpd ------------------------- [](#running-with-apache-httpd) If you are using Apache web server, it may strip Authorization headers and thus break Passport. Add the following either to your config directly or to `.htaccess`: ``` RewriteEngine On RewriteCond %{HTTP:Authorization} ^(.*) RewriteRule .* - [e=HTTP_AUTHORIZATION:%1] ``` License ------- [](#license) The MIT License (MIT) Copyright (c) 2016 Denis Mysenko Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. ### Health Score 25 — LowBetter than 37% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity17 Limited adoption so far Community10 Small or concentrated contributor base Maturity45 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 2 Last Release 1516d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/118cf7a1764197db0864e7f9e667319e81e1c3c4ec60dc66a4301246702240fb?d=identicon)[samfrm](/maintainers/samfrm) --- Top Contributors [![samfrm](https://avatars.githubusercontent.com/u/22350651?v=4)](https://github.com/samfrm "samfrm (4 commits)") --- Tags phplumenlaravel passport ### Code Quality TestsPHPUnit ### Embed Badge ![Health badge](/badges/samfrm-lumen-passport/health.svg) ``` [![Health](https://phpackages.com/badges/samfrm-lumen-passport/health.svg)](https://phpackages.com/packages/samfrm-lumen-passport) ``` ### Alternatives [larastan/larastan Larastan - Discover bugs in your code without running it. A phpstan/phpstan extension for Laravel 6.4k43.5M5.2k](/packages/larastan-larastan)[dusterio/lumen-passport Making Laravel Passport work with Lumen 6511.3M9](/packages/dusterio-lumen-passport)[spiritix/lada-cache A Redis based, automated and scalable database caching layer for Laravel 591444.8k2](/packages/spiritix-lada-cache) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)