Are you happy with your logging solution? Would you help us out by taking a 30-second survey? Click here


JWT Auth Guard for Laravel and Lumen Frameworks.

Subscribe to updates I use jwt-auth-guard

Statistics on jwt-auth-guard

Number of watchers on Github 289
Number of open issues 4
Average time to close an issue 4 days
Main language PHP
Average time to merge a PR 1 day
Open pull requests 3+
Closed pull requests 2+
Last commit about 2 years ago
Repo Created almost 4 years ago
Repo Last Updated over 1 year ago
Size 34 KB
Organization / Authorirazasyed
Latest Releasev1.0.4
Page Updated
Do you use jwt-auth-guard? Leave a review!
View open issues (4)
View jwt-auth-guard activity
View on github
Fresh, new opensource launches 🚀🚀🚀
Trendy new open source projects in your inbox! View examples

Subscribe to our mailing list

Evaluating jwt-auth-guard for your project? Score Explanation
Commits Score (?)
Issues & PR Score (?)

JWT Auth Guard

Latest Version on Packagist Software License Total Downloads

JWT Auth Guard is a Laravel & Lumen Package that lets you use jwt as your driver for authentication guard in your application.

The Guard uses tymon/jwt-auth package for authentication and token handling.


  • Laravel or Lumen Installation.
  • tymon/jwt-auth ^1.0@dev Package Setup and Config'd.


First install and setup tymon/jwt-auth package.

$ composer require tymon/jwt-auth:^1.0@dev

Once done, config it and then install this package.


Via Composer

$ composer require irazasyed/jwt-auth-guard

Add the Service Provider


Open config/app.php and, to your providers array at the bottom, add:



Open bootstrap/app.php and register the service provider:



Open your config/auth.php config file and in place of driver under any of your guards, just add the jwt-auth as your driver and you're all set. Make sure you also set provider for the guard to communicate with your database.

Setup Guard Driver

// config/auth.php
'guards' => [
    'api' => [
        'driver' => 'jwt-auth',
        'provider' => 'users'

    // ...

'providers' => [
    'users' => [
        'driver' => 'eloquent',
        'model'  => App\User::class,

Middleware Usage

Middleware protecting the route:

Route::get('api/content', ['middleware' => 'auth:api', 'uses' => 'ContentController@content']);

Middleware protecting the controller:


namespace App\Http\Controllers;

class ContentController extends Controller
    public function __construct() 

Note: The above example assumes you've setup a guard with the name api whose driver is jwt-auth in your config/auth.php file as explained in Setup Guard Driver section above.

The following usage examples assume you've setup your default auth guard to the one which uses the jwt-auth driver.

You can also explicitly define the guard before making calls to any of methods by just prefixing it with Auth::guard('api').

Example: Auth::guard('api')->user()

Attempt To Authenticate And Return Token

// This will attempt to authenticate the user using the credentials passed and returns a JWT Auth Token for subsequent requests.
$token = Auth::attempt(['email' => '', 'password' => '123456']);

Authenticate Once By ID

if(Auth::onceUsingId(1)) {
    // Do something with the authenticated user

Authenticate Once By Credentials

if(Auth::once(['email' => '', 'password' => '123456'])) {
    // Do something with the authenticated user

Validate Credentials

if(Auth::validate(['email' => '', 'password' => '123456'])) {
    // Credentials are valid

Check User is Authenticated

if(Auth::check()) {
    // User is authenticated

Check User is a Guest

if(Auth::guest()) {
    // Welcome guests!

Logout Authenticated User

Auth::logout(); // This will invalidate the current token and unset user/token values.

Generate JWT Auth Token By ID

$token = Auth::generateTokenById(1);

echo $token;

Get Authenticated User

Once the user is authenticated via a middleware, You can access its details by doing:

$user = Auth::user();

You can also manually access user info using the token itself:

$user = Auth::setToken('YourJWTAuthToken')->user();

Get Authenticated User's ID

$userId = Auth::id();

Refresh Expired Token

Though it's recommended you refresh using the middlewares provided with the package, but if you'd like, You can also do it manually with this method.

Refresh expired token passed in request:

$token = Auth::refresh();

Refresh passed expired token:


Invalidate Token

Invalidate token passed in request:

$forceForever = false;

Invalidate token by setting one manually:

$forceForever = false;

Get Token

$token = Auth::getToken(); // Returns current token passed in request.

Get Token Payload

This method will decode the token and return its raw payload.

Get Payload for the token passed in request:

$payload = Auth::getPayload();

Get Payload for the given token manually:

$payload = Auth::setToken('TokenToGetPayload')->getPayload();

Change log

Please see CHANGELOG for more information what has changed recently.


$ composer test


Please see CONTRIBUTING and CONDUCT for details.

Any issues, feedback, suggestions or questions please use issue tracker here.


If you discover any security related issues, please email instead of using the issue tracker.



The MIT License (MIT). Please see License File for more information.

jwt-auth-guard open issues Ask a question     (View All Issues)
  • almost 3 years jwt auth guard not working properly with Laravel 5.3
  • about 3 years [QUESTION] Auth::attempt does not return token
jwt-auth-guard open pull requests (View All Pulls)
  • remove call for non-existed method [check] on JWTAuth
  • Fix documentation
  • [IMPROVEMENT] Laravel 5.5 auto-discovery
jwt-auth-guard list of languages used
Other projects in PHP