mayoz/laravel-tokens

Multi-token support for Laravel Auth.

Laravel Multi Token

, _(*1)

Introduction

This package provides a simple solution for give multiple token to your application's users. This solution is similar to Laravel's TokenGuard class., _(*2)

This package is for Laravel 5.5 and above., _(*3)

Installation

You can install the package via composer using:, _(*4)

composer require mayoz/laravel-tokens

The service provider will automatically get registered for Laravel 5.5 and above versions. If you want you can add the service provider in config/app.php file:, _(*5)

'providers' => [
    // ...
    Mayoz\Token\TokenServiceProvider::class,
];

If you are going to make changes the default migration, you can publish the migration file with:, _(*6)

php artisan vendor:publish --provider="Mayoz\Token\TokenServiceProvider" --tag="laravel-tokens-migrations"

Then, you can create the tokens table by running the migrations:, _(*7)

php artisan migrate

You can publish the config file with:, _(*8)

php artisan vendor:publish --provider="Mayoz\Token\TokenServiceProvider" --tag="laravel-tokens-config"

If you need you are free to change your config file., _(*9)

Implementation

After installation, you can implement the new feature for your application., _(*10)

Add the Mayoz\Token\HasToken trait to your App\User model. This trait will provide a few helper methods to your model which allow you to inspect the authenticated user's tokens:, _(*11)

<?php

namespace App;

use Mayoz\Token\HasToken;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use HasToken, Notifiable;

    // ...
}

And finally, you will add the new guard to your application. Open the config/auth.php file and apply following changes:, _(*12)

  'guards' => [
        // ...

        'api' => [
            'driver' => 'multi-token',
            'provider' => 'tokens',
        ],
    ],

    'providers' => [
        // ...

        'tokens' => [
            'driver' => 'eloquent',
            'model' => Mayoz\Token\Token::class,
        ],
    ],

Congratulations!, _(*13)

Usage

When you need it (after login or any actions later), use the helper function to create a new token., _(*14)

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;

class TokenController
{
     public function __invoke(Request $request)
     {
         $token = $request->user()->generateToken();

         return $token;
     }
}

By default tokens never expire if you do not pass the lifetime when generation. For define expiration, you can pass the time period parameter (in minutes) to generateToken method., _(*15)

Generate a new token of 10 minutes life with:, _(*16)

$token = $request->user()->generateToken(10);

The token are not refreshed, token will die when expired. The authentication attempts with expired token will fail., _(*17)

The authentication process is similar to that of the standard Laravel api_token flows:, _(*18)

The token guard is looking for the token:, _(*19)

1. Firstly looking the URL for parameter ?api_token=XXX
2. If not exists token, looking the header for Authorization: Bearer XXX

Finally, if you need the current token model information underlying the authentication process, you can use the token method., _(*20)

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;

class UserController
{
     public function __construct()
     {
          $this->middleware('auth:api');
     }

     public function __invoke(Request $request)
     {
         return [
             'user' => $request->user(),
             'token' => $request->token(),
         ];
     }
}

Token Generator

By default, the generated token is a string of random 36 chars. If you want to create more meaningful (such as uuid4) tokens, you are free to change the generator method., _(*21)

Let's make change to generate of uuid4 string. Open the app/Providers/AuthServiceProvider file and apply the additions:, _(*22)

<?php

namespace App\Providers;

use Mayoz\Token\Generator;
// ...

class AuthServiceProvider extends ServiceProvider
{
    // ...

    /**
     * Register any authentication / authorization services.
     *
     * @return void
     */
    public function boot()
    {
        // ...

        Generator::extend(function () {
            return \Ramsey\Uuid\Uuid::uuid4()->toString();
        });
    }
}

If there is no ramsey/uuid package in your application, you can install with:, _(*23)

composer require ramsey/uuid

Cheers., _(*24)

Changelog

Please see CHANGELOG for more information what has changed recently., _(*25)

Contributing

Please see CONTRIBUTING for details., _(*26)

Security Vulnerabilities

If you discover any security related issues, please create a new issue with using the "Bug" label. All security vulnerabilities will be promptly addressed., _(*27)

License

The MIT License (MIT). Please see License File for more information., _(*28)