Protect Routes with JWT Tokens Using This Package for Laravel

Signature Tech Studio's Laravel JWT package makes it easy to generate, consume, and protect routes with JWT tokens in Laravel. This package wraps the lcobucci/jwt and provides the following benefits on top of that package, specifically for Laravel:

• JWT facade with helper methods to quickly generate and parse tokens.
• Enforces a minimal set of claims for generated tokens, like aud, iss, and exp.
• Validate parsed tokens to ensure our required claims are set properly with the signature present and valid.
• HTTP Middleware to validate a route-specific JWT
• Request macro to easily access route-specific JWT claims

You can also build tokens fluently with ease, using the provided JWT facade:

// Generate a token that will expire in an hour
$jwt = JWT::get('token-id', ['anything' => 'here'], now()->addMinutes(60));
 
// Fluently create a JWT
$token = JWT::setId('my-token-id')
   ->lifetime(3600)
   ->signWith('custom-signing-key-with-256-bits')
   ->issuedBy("my-app")
   ->permittedFor("receiving-app")
   ->withClaim('myclaim', 'any value')
   ->getToken()
   ->toString();

On the request side, you can parse and validate tokens, retrieve claims, and validate them via a provided route-specific JWT middleware. See the readme for use-cases and full details.

You can get started with this package on GitHub at stechstudio/laravel-jwt. You can install this package via composer with the following command:

composer require stechstudio/laravel-jwt