Skip to content
Lumen with JWT Authentication, Dingo API and CORS Support
Branch: develop
Clone or download
krisanalfa Update
Add donation button
Latest commit cdceb41 Aug 22, 2017
Type Name Latest commit message Commit time
Failed to load latest commit information.
app added some tests Jun 2, 2017
bootstrap Removed facades Apr 28, 2017
config [FIX] Translation not loaded due to misconfiguration. May 26, 2017
public [INIT] Initial commit. Mar 8, 2016
routes [ADD] Dec 2, 2016
storage [INIT] Initial commit. Mar 8, 2016
.env.example [FIX] Translation not loaded due to misconfiguration. May 26, 2017
.gitignore added some tests Jun 2, 2017
artisan [INIT] Initial commit. Mar 8, 2016
composer.json [UPDATE] Depencency. Fix route:list return empty list. May 31, 2017
composer.lock [UPDATE] Depencency. Fix route:list return empty list. May 31, 2017
phpunit.xml Update Aug 22, 2017

Lumen with JWT Authentication

Basically this is a starter kit for you to integrate Lumen with JWT Authentication. If you want to Lumen + Dingo + JWT for your current application, please check here.

What's Added

[1] Added via this package.

Quick Start

  • Clone this repo or download it's release archive and extract it somewhere
  • You may delete .git folder if you get this code via git clone
  • Run composer install
  • Run php artisan jwt:generate
  • Configure your .env file for authenticating via database
  • Set the API_PREFIX parameter in your .env file (usually api).
  • Run php artisan migrate --seed

A Live PoC

  • Run a PHP built in server from your root project:
php -S localhost:8000 -t public/

Or via artisan command:

php artisan serve

To authenticate a user, make a POST request to /api/auth/login with parameter as mentioned below:

password: johndoe


curl -X POST -F "" -F "password=johndoe" "http://localhost:8000/api/auth/login"


  "success": {
    "message": "token_generated",
    "token": "a_long_token_appears_here"
  • With token provided by above request, you can check authenticated user by sending a GET request to: /api/auth/user.


curl -X GET -H "Authorization: Bearer a_long_token_appears_here" "http://localhost:8000/api/auth/user"


  "success": {
    "user": {
      "id": 1,
      "name": "John Doe",
      "email": "",
      "created_at": null,
      "updated_at": null
  • To refresh your token, simply send a PATCH request to /api/auth/refresh.
  • Last but not least, you can also invalidate token by sending a DELETE request to /api/auth/invalidate.
  • To list all registered routes inside your application, you may execute php artisan route:list
⇒  php artisan route:list
| Verb   | Path                 | NamedRoute          | Controller                               | Action           | Middleware |
| POST   | /api/auth/login      | api.auth.login      | App\Http\Controllers\Auth\AuthController | postLogin        |            |
| GET    | /api                 | api.index           | App\Http\Controllers\APIController       | getIndex         | jwt.auth   |
| GET    | /api/auth/user       | api.auth.user       | App\Http\Controllers\Auth\AuthController | getUser          | jwt.auth   |
| PATCH  | /api/auth/refresh    | api.auth.refresh    | App\Http\Controllers\Auth\AuthController | patchRefresh     | jwt.auth   |
| DELETE | /api/auth/invalidate | api.auth.invalidate | App\Http\Controllers\Auth\AuthController | deleteInvalidate | jwt.auth   |


I made a Postman collection here.


Laravel and Lumen is a trademark of Taylor Otwell
Sean Tymon officially holds "Laravel JWT" license


If this project help you reduce time to develop, you can give me a cup of coffee :)


You can’t perform that action at this time.