Auth:: calls.
Installation
Add the package via Composer, publish config, and run migrations in under five minutes.
Quick Start
Wire up your first JWT guard and issue your first access token with a minimal working example.
Core Concepts
Understand Identity, Principal, Device, and Tenant before writing a single line of auth code.
Guides
Step-by-step walkthroughs for 2D simple apps, 3D multi-tenant apps, token issuance, and more.
What you get
Laravel Authentication drops into Laravel’s existing auth machinery — no new API to learn. You keepAuth::check(), Auth::user(), auth()->guard('api'), standard middleware, and standard events. On top of that you get:
- Two sessionless guards —
jwt(Bearer token) andbasic(HTTP Basic), registered viaauth.guards.*.driver - Contextual accessors —
Auth::identity(),Auth::principal(),Auth::device(),Auth::tenant(),Auth::type() - Hardened JWT pipeline — enforces
iss,aud,typ,exp, and leeway on every parse; fails closed on empty secrets - Refresh-token rotation — atomic per-device rotation with replay detection and machine-readable failure events
- Kid-based key rotation — issue under one kid, verify against a map, retire old kids gracefully
- Pluggable everything — swap the device model, principal resolver, identifier field, or table names
Install the package
Run
composer require sinemacula/laravel-authentication and publish config and migrations.Configure your guards
Register
jwt or basic drivers in config/auth.php and set your JWT secret in .env.Implement your identity model
Add the
Identity contract and Authenticatable trait to your user model.