PHPackages wazobiatech/laravel-auth-guard - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. wazobiatech/laravel-auth-guard ActiveLibrary[Authentication & Authorization](/categories/authentication) wazobiatech/laravel-auth-guard ============================== JWT and Project authentication middleware for Laravel with JWKS support 0150↓100%PHP Since Dec 16Pushed 4mo agoCompare [ Source](https://github.com/wazobiatech/laravel-auth-guard)[ Packagist](https://packagist.org/packages/wazobiatech/laravel-auth-guard)[ RSS](/packages/wazobiatech-laravel-auth-guard/feed)WikiDiscussions main Synced 2mo ago READMEChangelogDependenciesVersions (1)Used By (0) Laravel Auth Guard ================== [](#laravel-auth-guard) [![Laravel](https://camo.githubusercontent.com/1ef1586422f8fac90eab8078edf7fce9ab4d795dfc6e84d64a45a0fb130bd582/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4c61726176656c2d392532422532302537432532303130253230253743253230313125323025374325323031322d4646324432303f7374796c653d666f722d7468652d6261646765266c6f676f3d6c61726176656c266c6f676f436f6c6f723d7768697465)](https://camo.githubusercontent.com/1ef1586422f8fac90eab8078edf7fce9ab4d795dfc6e84d64a45a0fb130bd582/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4c61726176656c2d392532422532302537432532303130253230253743253230313125323025374325323031322d4646324432303f7374796c653d666f722d7468652d6261646765266c6f676f3d6c61726176656c266c6f676f436f6c6f723d7768697465)[![PHP](https://camo.githubusercontent.com/aad484e00fb351cf0422a5593ac12c9e59674716481a53430859d4f1a3221e51/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048502d382e302532422d3737374242343f7374796c653d666f722d7468652d6261646765266c6f676f3d706870266c6f676f436f6c6f723d7768697465)](https://camo.githubusercontent.com/aad484e00fb351cf0422a5593ac12c9e59674716481a53430859d4f1a3221e51/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f5048502d382e302532422d3737374242343f7374796c653d666f722d7468652d6261646765266c6f676f3d706870266c6f676f436f6c6f723d7768697465)[![Redis](https://camo.githubusercontent.com/a41c67022a622bfa4bdb336007aba0d9e07ec8de16eb31a3b32f1e71c1646ed2/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f52656469732d52657175697265642d4443333832443f7374796c653d666f722d7468652d6261646765266c6f676f3d7265646973266c6f676f436f6c6f723d7768697465)](https://camo.githubusercontent.com/a41c67022a622bfa4bdb336007aba0d9e07ec8de16eb31a3b32f1e71c1646ed2/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f52656469732d52657175697265642d4443333832443f7374796c653d666f722d7468652d6261646765266c6f676f3d7265646973266c6f676f436f6c6f723d7768697465)[![License](https://camo.githubusercontent.com/9218332452902d9e542a100d0af126fd3174a116456614d2cf093546a13783db/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4c6963656e73652d4d49542d677265656e2e7376673f7374796c653d666f722d7468652d6261646765)](https://camo.githubusercontent.com/9218332452902d9e542a100d0af126fd3174a116456614d2cf093546a13783db/68747470733a2f2f696d672e736869656c64732e696f2f62616467652f4c6963656e73652d4d49542d677265656e2e7376673f7374796c653d666f722d7468652d6261646765) **Production-ready JWT and Project authentication package for Laravel applications** *Secure, scalable, and feature-complete authentication solution with JWKS support, Redis caching, and GraphQL integration.* [Quick Start](#quick-start) • [Installation](#installation) • [Configuration](#configuration) • [Usage Examples](#usage-examples) • [GraphQL Integration](#graphql-integration) • [Troubleshooting](#troubleshooting) --- ✨ Key Features -------------- [](#-key-features) - 🔐 **JWT Authentication** - RS512 algorithm with automatic key rotation via JWKS - 🏢 **Project Token Authentication** - Mercury service integration for project-level access control - 🚀 **Combined Authentication** - Support for dual JWT + Project token validation - ⚡ **Redis-Powered** - High-performance caching and token blacklisting - 📊 **GraphQL Ready** - Native Lighthouse GraphQL directives (`@jwtAuth`, `@projectAuth`) - 🔄 **Token Revocation** - Real-time token blacklisting and invalidation - 🐳 **Docker Compatible** - Production-ready containerization support - 🛠️ **Auto-Discovery** - Zero-config Laravel package registration - 📝 **Comprehensive Logging** - Optional detailed authentication flow logging - 🧪 **Fully Tested** - Battle-tested in production environments --- 🚀 Quick Start ------------- [](#-quick-start) Get up and running in 5 minutes: ``` # 1. Install the package composer require wazobiatech/laravel-auth-guard # 2. Install Redis (if not already installed) composer require predis/predis # 3. Publish configuration php artisan vendor:publish --tag=auth-guard-config # 4. Configure environment variables cp vendor/wazobiatech/laravel-auth-guard/.env.sample .env.example # Add the variables to your .env file # 5. Set up Redis connection in config/database.php # (See detailed instructions below) # 6. Start using authentication in your routes/GraphQL ``` **That's it!** You can now use `@jwtAuth` and `@projectAuth` directives in GraphQL or `jwt.auth` and `project.auth` middleware in routes. --- 📋 Table of Contents ------------------- [](#-table-of-contents) - [Requirements](#requirements) - [Installation](#installation) - [Configuration](#configuration) - [Environment Setup](#environment-setup) - [Redis Configuration](#redis-configuration) - [Mercury Integration](#mercury-integration) - [Usage Examples](#usage-examples) - [GraphQL Authentication](#graphql-authentication) - [REST API Authentication](#rest-api-authentication) - [Programmatic Usage](#programmatic-usage) - [GraphQL Integration](#graphql-integration) - [Authentication Flow](#authentication-flow) - [Token Management](#token-management) - [Testing & Debugging](#testing--debugging) - [Troubleshooting](#troubleshooting) - [Production Deployment](#production-deployment) - [API Reference](#api-reference) --- ⚙️ Requirements --------------- [](#️-requirements) ComponentVersionRequired**PHP**`^8.0`✅ Required**Laravel**`^9.0 | ^10.0 | ^11.0 | ^12.0`✅ Required**Redis**`Latest`✅ Required**Redis Client**Predis `^2.0` or PhpRedis✅ Required**Mercury Service**Mercury API access✅ Required for project auth**Lighthouse GraphQL**`^6.0 | ^7.0`⚠️ Optional (for GraphQL)### System Requirements [](#system-requirements) - **Memory**: Minimum 128MB (256MB recommended) - **Network**: HTTPS access to Mercury service endpoints - **Redis**: Dedicated database for authentication (recommended DB 2) --- 📦 Installation -------------- [](#-installation) ### Step 1: Install the Package [](#step-1-install-the-package) ``` composer require wazobiatech/laravel-auth-guard ``` *The service provider will be automatically registered via Laravel's package discovery.* ### Step 2: Install Redis Client [](#step-2-install-redis-client) Choose one of these Redis clients: **Option A: Predis (Recommended - Pure PHP)** ``` composer require predis/predis ``` **Option B: PhpRedis Extension (Higher Performance)** ``` # Ubuntu/Debian sudo apt-get install php-redis # Alpine Linux (Docker) apk add php82-pecl-redis # macOS (Homebrew) brew install php@8.2 pecl install redis # Windows (XAMPP) # Download php_redis.dll and add to php.ini ``` ### Step 3: Publish Configuration [](#step-3-publish-configuration) ``` php artisan vendor:publish --tag=auth-guard-config ``` This creates `config/auth-guard.php` with all configuration options. ### Step 4: Verify Installation [](#step-4-verify-installation) ``` # Test Redis connection php artisan tinker >>> Redis::ping() # Should return: "+PONG" # Check package registration >>> app('Wazobia\LaravelAuthGuard\Services\JwtAuthService') # Should return service instance ``` --- 🔧 Configuration --------------- [](#-configuration) ### Environment Setup [](#environment-setup) The package provides a comprehensive `.env.sample` with all configuration options: ``` # Copy sample environment file cp vendor/wazobiatech/laravel-auth-guard/.env.sample .env.auth-guard # Add to your main .env file cat .env.auth-guard >> .env ``` ### Core Environment Variables [](#core-environment-variables) ``` # ============================================ # MERCURY SERVICE (Required) # ============================================ MERCURY_BASE_URL=https://mercury.tiadara.com SIGNATURE_SHARED_SECRET=your-hmac-shared-secret SERVICE_ID=your-unique-service-identifier # ============================================ # JWT CONFIGURATION # ============================================ JWT_ALGORITHM=RS512 # Algorithm for JWT validation JWT_LEEWAY=30 # Clock skew tolerance (seconds) # ============================================ # CACHING & PERFORMANCE # ============================================ AUTH_CACHE_TTL=3600 # Token cache duration (seconds) AUTH_CACHE_PREFIX=auth_guard # Redis key prefix MERCURY_TIMEOUT=10 # HTTP request timeout (seconds) # ============================================ # REDIS CONFIGURATION # ============================================ REDIS_AUTH_DB=2 # Dedicated Redis DB for auth REDIS_HOST=127.0.0.1 # Redis server host REDIS_PORT=6379 # Redis server port REDIS_PASSWORD= # Redis password (if required) # ============================================ # HEADERS & SECURITY # ============================================ AUTH_JWT_HEADER=Authorization # JWT token header name AUTH_PROJECT_TOKEN_HEADER=X-Project-Token # Project token header # ============================================ # LOGGING & DEBUGGING # ============================================ AUTH_LOGGING_ENABLED=false # Enable detailed auth logging AUTH_LOG_CHANNEL=stack # Laravel log channel to use ``` ### Advanced Configuration Options [](#advanced-configuration-options) **Production Optimizations:** ``` # Performance tuning AUTH_CACHE_TTL=7200 # Longer cache for production MERCURY_TIMEOUT=5 # Faster timeout for prod JWT_LEEWAY=10 # Reduced clock skew tolerance # Security hardening AUTH_LOGGING_ENABLED=false # Disable verbose logging ``` **Development Setup:** ``` # Development settings AUTH_CACHE_TTL=60 # Short cache for testing AUTH_LOGGING_ENABLED=true # Enable debug logging JWT_LEEWAY=60 # Generous clock skew for dev ``` **Docker Environment:** ``` # Docker-specific settings REDIS_HOST=redis # Docker Compose service name REDIS_PORT=6379 MERCURY_BASE_URL=https://mercury.tiadara.com # External service ``` ### Redis Setup [](#redis-setup) Update `config/database.php`: ```