PHPackages wefabric/token-login - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. wefabric/token-login ActiveLibrary[Authentication & Authorization](/categories/authentication) wefabric/token-login ==================== Laravel package to login users by unique tokens 0.9.1(4y ago)18MITPHP Since May 16Pushed 4y ago1 watchersCompare [ Source](https://github.com/wefabric/token-login)[ Packagist](https://packagist.org/packages/wefabric/token-login)[ RSS](/packages/wefabric-token-login/feed)WikiDiscussions main Synced 5d ago READMEChangelog (2)DependenciesVersions (3)Used By (0) Laravel Token Login =================== [](#laravel-token-login) Allows to login an user by an unique token. > Security Concerns: Using tokens for login is a security concern because it’s the equivalent of storing a password in plain text. Table of Contents ----------------- [](#table-of-contents) - [Background](#background) - [Install](#install) - [Usage](#usage) - [Concerns](#concerns) - [Token creation](#token-creation) - [Login](#login) - [Refresh tokens](#refresh-tokens) - [Delete expired tokens](#delete-expired-tokens) - [Delete all tokens](#delete-all-tokens) - [Exclude users](#exclude-users) - [Helper](#helper) - [Contributing](#contributing) - [License](#license) Background ---------- [](#background) For private and closed applications we created this package to allow users to quickly sign in. For example: We provide updates to users by mail, in this mail we provide a one click login url (with an unique token for each user). The user doesn't have to fill in the login credentials and can quickly see it's private data. Install ------- [](#install) This project uses [Laravel 7+](https://laravel.com) and requires PHP 7.4 as minimum version. ``` composer require wefabric/token-login ``` Publish the config and migration: ``` php artisan vendor:publish --provider='Wefabric\TokenLogin\Providers\ServiceProvider' ``` Check the configuration (config/token-login.php). By the default the token and expiration will be setup for the default User model. To use it with a custom model change the configuration accordingly. When you are all setup. Run the migration ``` php artisan migrate ``` Usage ----- [](#usage) This package adds commands to manage the tokens. By default configuration the user table will contain two new fields ('login\_token' and 'login\_token\_expires\_at'). ### Concerns [](#concerns) Add the following traits to the user model. ``` use Wefabric\TokenLogin\Concerns\HasTokenLogin; use Wefabric\TokenLogin\Concerns\HasTraitsWithCasts; class User extends Authenticatable { use HasTokenLogin, HasTraitsWithCasts; ``` ### Token creation [](#token-creation) After the traits are added, you need to run the following command to generate the tokens and expiration dates. ``` php artisan token-login:create ``` ### Login [](#login) When the tokens are created, it is possible to login by the token. The package adds the route /users/token-login by default (to change it, change the 'login\_path' variable in the config/token-login.php file). You can do a GET and POST request to login, like the following: > [https://site.test/users/token-login?token={TOKEN}](https://site.test/users/token-login?token=%7BTOKEN%7D) When the token is correct and not expired. The user will be redirected to the default redirect path (see config/token-login.php). You can also specify a redirect as parameter. > [https://site.test/users/token-login?token={TOKEN}&redirect=https://site.test/my-redirect](https://site.test/users/token-login?token=%7BTOKEN%7D&redirect=https://site.test/my-redirect) ### Refresh tokens [](#refresh-tokens) The token expires after a certain period. To refresh the tokens, you can use the following command. ``` php artisan token-login:refresh ``` This will refresh all expired tokens. > Use this command in your scheduler. For example, let it run every five minutes. ### Delete expired tokens [](#delete-expired-tokens) To delete all expired tokens run the following command ``` php artisan token-login:delete-expired ``` ### Delete all tokens [](#delete-all-tokens) To delete all tokens run the following command ``` php artisan token-login:delete ``` ### Exclude users [](#exclude-users) To exclude users from the token generation, change the following in the config (config/token-login.php) ``` 'not_allowed' => [ 'key' => 'id', 'items' => [ 1 ] ] ``` ### Helper [](#helper) There is a helper available for using this package. To check if the token login is enabled: ``` echo tokenLogin()->enabled(); ``` To retrieve the login url for a specific model: ``` echo tokenLogin()->loginUrl(User::first(), 'https://site.test/redirect'); ``` Maintainers ----------- [](#maintainers) [@leoflapper](https://github.com/leoflapper). Contributing ------------ [](#contributing) Feel free to dive in! [Open an issue](https://github.com/wefabric/token-login/issues/new) or submit PRs. Contributors ------------ [](#contributors) - [Leo Flapper](https://github.com/leoflapper) - [All Contributors](../../contributors) License ------- [](#license) [MIT](LICENSE.md) © Wefabric ### Health Score 21 — LowBetter than 19% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity6 Limited adoption so far Community7 Small or concentrated contributor base Maturity43 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~0 days Total 2 Last Release 1824d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/8834dc84f62a7c139ded639124a4f9a3bfd03e8ccac75db9f83107ed38ebca39?d=identicon)[slicklabs](/maintainers/slicklabs) --- Top Contributors [![leoflapper](https://avatars.githubusercontent.com/u/2369607?v=4)](https://github.com/leoflapper "leoflapper (6 commits)") --- Tags laravelAuthenticationtokenwefabric ### Embed Badge ![Health badge](/badges/wefabric-token-login/health.svg) ``` [![Health](https://phpackages.com/badges/wefabric-token-login/health.svg)](https://phpackages.com/packages/wefabric-token-login) ``` ### Alternatives [rinvex/laravel-authy Rinvex Authy is a simple wrapper for Authy TOTP, the best rated Two-Factor Authentication service for consumers, simplest 2fa Rest API for developers and a strong authentication platform for the enterprise. 3376.7k1](/packages/rinvex-laravel-authy)[caresome/filament-auth-designer Transform Filament's default auth pages into stunning, brand-ready experiences 3916.8k2](/packages/caresome-filament-auth-designer) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)