Skip to content

Secure Your Laravel Web App with Little JWT - The Key to Effortless Token Management!

License

Notifications You must be signed in to change notification settings

little-apps/LittleJWT

Repository files navigation

Little JWT

Latest Version on Packagist GitHub Tests Action Status Format (PHP) Coverage Status Total Downloads

Secure Your Laravel Web App with Little JWT - The Key to Effortless Token Management!

Show Your Support

Little Apps relies on people like you to keep our software running. If you would like to show your support for Little Registry Cleaner, then you can make a donation using PayPal, Payza or credit card (via Stripe). Please note that any amount helps (even just $1).

Requirements

  • PHP v8.1 or higher
  • Laravel 10.x or 11.x

Installation

Install the package via composer:

composer require little-apps/littlejwt

Publish the config file with:

php artisan vendor:publish --tag="littlejwt-config"

Generate a secret phrase for building and validating JWTs:

php artisan littlejwt:phrase

Information on generating different types of keys can be found in the documentation.

Upgrading

IMPORTANT: Before continuing, please note v2.0 is still in beta and is not recommended for production systems.

Create a backup of the config file:

cp config/littlejwt.php config/littlejwt.php.old

Upgrade the package via composer:

composer require little-apps/littlejwt:"^2.0.0@beta"

Publish the new config file (overwriting the existing config file):

php artisan vendor:publish --tag="littlejwt-config" --existing

You will need to manually set the config file to match the old config file.

Usage

Building JWTs

use LittleApps\LittleJWT\Facades\LittleJWT;
use LittleApps\LittleJWT\Build\Builder;

$jwt = LittleJWT::create(function (Builder $builder) {
    $builder
        // Adds claim 'abc' with value 'def' to header claims.
        ->abc('def', true)
        // Adds claim 'ghi' with value 'klm' to payload claims.
        ->ghi('klm')
        // Adds claim 'nop' with value 'qrs' to payload claims.
        ->nop('qrs', false);
});

$token = (string) $jwt;
// $token = "ey...";

Validating JWTs

use LittleApps\LittleJWT\Facades\LittleJWT;
use LittleApps\LittleJWT\Validation\Validator;

$token = "ey...";

$passes = LittleJWT::validateToken($token, function (Validator $validator) {
    $validator
        // Checks the value of the 'abc' claim in the header === (strictly equals) 'def'
        ->equals('abc', 'def', true, true)
        // Checks the value of the 'ghi' claim in the payload == (equals) 'klm'
        ->equals('ghi', 'klm')
        // Checks the value of the 'nop' claim in the payload === (strictly equals) 'qrs'
        ->equals('nop', 'qrs', true, false);
});

if ($passes) {
    // JWT is valid.
} else {
    // JWT is invalid.
}

Further Documentation

Further documentation is located at docs.getlittlejwt.com.

Testing

composer test

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

Libraries

Little JWT is built using the following libraries:

Contributors

Thank you to the following for their contributions:

License

The MIT License (MIT). Please see License File for more information.

About

Secure Your Laravel Web App with Little JWT - The Key to Effortless Token Management!

Topics

Resources

License

Security policy

Stars

Watchers

Forks

Sponsor this project

Packages

No packages published

Contributors 4

  •  
  •  
  •  
  •  

Languages