PHPackages                             t73biz/cakephp2-jwt-auth - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. t73biz/cakephp2-jwt-auth

AbandonedCakephp-plugin[Authentication &amp; Authorization](/categories/authentication)

t73biz/cakephp2-jwt-auth
========================

Cakephp 2 JWT Authentication

1.1.0(10y ago)74.0k8[1 issues](https://github.com/t73biz/cakephp2-jwt-auth/issues)MITPHP

Since Apr 4Pushed 9y ago3 watchersCompare

[ Source](https://github.com/t73biz/cakephp2-jwt-auth)[ Packagist](https://packagist.org/packages/t73biz/cakephp2-jwt-auth)[ Docs](http://github.com/t73biz/cakephp2-jwt-auth)[ RSS](/packages/t73biz-cakephp2-jwt-auth/feed)WikiDiscussions master Synced today

READMEChangelogDependencies (3)Versions (4)Used By (0)

CakePHP 2.x JWT Authentication (DEAD)
=====================================

[](#cakephp-2x-jwt-authentication-dead)

This project is no longer being actively developed.
===================================================

[](#this-project-is-no-longer-being-actively-developed)

This plugin is a CakePHP 2.x Authentication component and view helper for JWT.

Components
----------

[](#components)

- Auth/JwtTokeAuthenticate - A JSON Web Token implementation for CakePHP 2.6.x

Helpers
-------

[](#helpers)

- AuthHelper - Utility functions for helping with the authentication of users.

Requirements
------------

[](#requirements)

- PHP version: PHP 5.3+
- CakePHP version: 2.6 Stable

Support
-------

[](#support)

For support and feature request, please visit the [JWT Authentication Plugin Support](https://github.com/t73biz/cakephp2-jwt-auth/issues) section.

License
-------

[](#license)

Copyright 2011 - 2014, [Florian Krämer](http://github.com/burzum)Copyright 2015, [Ronald Chaplin](http://github.com/t73biz)

Licensed under [The MIT License](http://www.opensource.org/licenses/mit-license.php)
Redistributions of files must retain the above copyright notice.

Copyright
---------

[](#copyright)

Copyright 2011 - 2014 Florian Krämer

Copyright 2015 Ronald Chaplin

Version
-------

[](#version)

1.0.6

Installation
------------

[](#installation)

`composer require t73biz/cakephp2-jwt-auth 1.0.6`

This will install into the Plugin directory (in the `JwtAuth` folder). To run the tests, simply navigate to your webroot/test.php and follow the links for the test cases for the Authentication Adapter.

Usage
-----

[](#usage)

### Configuration

[](#configuration)

You can either declare this in your Controller's `$components` array, or on the fly in an `action` (if you need to load any configuration values, which you can't do when declaring in the `$components` array, for example).

```
public $components = array(
    'Auth' => array(
        'authenticate' => array(
            'JwtAuth.JwtToken' => array(
                'fields' => array(
                    'username' => 'username',
                    'password' => 'password',
                    'token' => 'public_key',
                ),
                'parameter' => '_token',
                'userModel' => 'User',
                'scope' => array('User.active' => 1),
                'pepper' => 'sneezing',
            ),
        ),
    ),
);

```

Or

```
$this->Auth->authenticate['JwtAuth.JwtToken'] = array(
    'fields' => array(
        'username' => 'username',
        'password' => 'password',
        'token' => 'public_key',
    ),
    'parameter' => '_token',
    'userModel' => 'User',
    'scope' => array('User.active' => 1),
    'pepper' => Configure::read('API.token.pepper'),
);

```

Where (excluding common authentication items):

- `fields` is an array containing the details of which passed values (POSTed) contain the `username`, `password` and `token`
    - `token` is used to hold a unique key against the user once authenticated and is also stored in the JWT
- `parameter` is the query string parameter that could hold the JWT
- `header` is the HTTP header that could hold the JWT
- `pepper` is the salt to use when encrypting your JWT (keep this super secret!)

#### Defaults

[](#defaults)

```
array(
    'fields' => array(
        'username' => 'username',
        'token' => 'token'
    ),
    'parameter' => '_token',
    'header' => 'X_JSON_WEB_TOKEN',
    'userModel' => 'User',
    'scope' => array(),
    'recursive' => 0,
    'contain' => null,
    'pepper' => '123'
);

```

### Authentication

[](#authentication)

You can authenticate by passing a valid JWT as either:

- The query string parameter defined as `parameter` in the config array (defaults to `_token`)
- The contents of the header defined as `header` in the config array (defaults to `X_JSON_WEB_TOKEN`)

TODO
----

[](#todo)

Implement an end to end example for inside clients and 3rd party client usage.

###  Health Score

35

—

LowBetter than 77% of packages

Maintenance17

Infrequent updates — may be unmaintained

Popularity29

Limited adoption so far

Community14

Small or concentrated contributor base

Maturity65

Established project with proven stability

 Bus Factor1

Top contributor holds 61.5% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~415 days

Total

2

Last Release

3695d ago

### Community

Maintainers

![](https://www.gravatar.com/avatar/e0acd8279d47a96b9ba7a8463ba5ef0b9dbbfd6e14b4d3a2c02ccc7f08bf0ba2?d=identicon)[t73biz](/maintainers/t73biz)

---

Top Contributors

[![t73biz](https://avatars.githubusercontent.com/u/169922?v=4)](https://github.com/t73biz "t73biz (8 commits)")[![codeeverything](https://avatars.githubusercontent.com/u/9589226?v=4)](https://github.com/codeeverything "codeeverything (5 commits)")

---

Tags

jwtAuthenticationcakephpauthenticate

###  Code Quality

TestsPHPUnit

### Embed Badge

![Health badge](/badges/t73biz-cakephp2-jwt-auth/health.svg)

```
[![Health](https://phpackages.com/badges/t73biz-cakephp2-jwt-auth/health.svg)](https://phpackages.com/packages/t73biz-cakephp2-jwt-auth)
```

###  Alternatives

[google/auth

Google Auth Library for PHP

1.4k294.2M220](/packages/google-auth)[admad/cakephp-jwt-auth

CakePHP plugin for authenticating using JSON Web Tokens

163762.9k8](/packages/admad-cakephp-jwt-auth)[ellaisys/aws-cognito

Laravel Authentication using AWS Cognito (Web and API)

123256.9k1](/packages/ellaisys-aws-cognito)[rainlab/user-plugin

User plugin for October CMS

11955.0k15](/packages/rainlab-user-plugin)[helsingborg-stad/municipio

A bootstrap theme for creating municipality sites.

4028.5k10](/packages/helsingborg-stad-municipio)[dev-toolbelt/jwt-token-manager

Framework-agnostic JWT token manager with RSA/HMAC support

111.3k](/packages/dev-toolbelt-jwt-token-manager)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)
