Secure Your Laravel Web App with Little JWT - The Key to Effortless Token Management!

Little Apps relies on people like you to keep our software running. If you would like to show your support for Little Registry Cleaner, then you can make a donation using PayPal, Payza or credit card (via Stripe). Please note that any amount helps (even just $1).

• PHP v8.1 or higher
• Laravel 10.x or 11.x

Install the package via composer:

composer require little-apps/littlejwt

Publish the config file with:

php artisan vendor:publish --tag="littlejwt-config"

Generate a secret phrase for building and validating JWTs:

php artisan littlejwt:phrase

Information on generating different types of keys can be found in the documentation.

IMPORTANT: Before continuing, please note v2.0 is still in beta and is not recommended for production systems.

Create a backup of the config file:

cp config/littlejwt.php config/littlejwt.php.old

Upgrade the package via composer:

composer require little-apps/littlejwt:"^2.0.0@beta"

Publish the new config file (overwriting the existing config file):

php artisan vendor:publish --tag="littlejwt-config" --existing

You will need to manually set the config file to match the old config file.

use LittleApps\LittleJWT\Facades\LittleJWT;
use LittleApps\LittleJWT\Build\Builder;

$jwt = LittleJWT::create(function (Builder $builder) {
    $builder
        // Adds claim 'abc' with value 'def' to header claims.
        ->abc('def', true)
        // Adds claim 'ghi' with value 'klm' to payload claims.
        ->ghi('klm')
        // Adds claim 'nop' with value 'qrs' to payload claims.
        ->nop('qrs', false);
});

$token = (string) $jwt;
// $token = "ey...";

use LittleApps\LittleJWT\Facades\LittleJWT;
use LittleApps\LittleJWT\Validation\Validator;

$token = "ey...";

$passes = LittleJWT::validateToken($token, function (Validator $validator) {
    $validator
        // Checks the value of the 'abc' claim in the header === (strictly equals) 'def'
        ->equals('abc', 'def', true, true)
        // Checks the value of the 'ghi' claim in the payload == (equals) 'klm'
        ->equals('ghi', 'klm')
        // Checks the value of the 'nop' claim in the payload === (strictly equals) 'qrs'
        ->equals('nop', 'qrs', true, false);
});

if ($passes) {
    // JWT is valid.
} else {
    // JWT is invalid.
}

Further documentation is located at docs.getlittlejwt.com.

composer test

Please see CHANGELOG for more information on what has changed recently.

Please see CONTRIBUTING for details.

Please review our security policy on how to report security vulnerabilities.

Little JWT is built using the following libraries:

• Laravel
• Laravel Package Skeleton
• PHP JWT Framework

Thank you to the following for their contributions:

• Little Apps
• All Contributors

The MIT License (MIT). Please see License File for more information.