jundayw / tokenable
Laravel Tokenable provides multi-model and multi-platform authentication with refresh tokens for APIs, SPAs, and SSR.
Installs: 219
Dependents: 1
Suggesters: 0
Security: 0
Stars: 0
Watchers: 0
Forks: 0
Open Issues: 0
pkg:composer/jundayw/tokenable
Requires
- php: ^8.0
- firebase/php-jwt: ^6.11
This package is auto-updated.
Last update: 2025-10-09 07:51:56 UTC
README
Laravel Tokenable
Table of Contents
Introduction
Laravel Tokenable is a modern authentication package that extends Laravel’s token capabilities beyond Sanctum.
It supports:
- APIs for stateless clients.
- SPAs (Single Page Applications) for JavaScript-driven frontends.
- SSR (Server-Side Rendered apps) with cookie-based authentication.
Key features include:
- Multi-model support — authenticate multiple user models (e.g.
User
,Admin
,Member
) seamlessly. - Multi-platform support — issue tokens per platform (e.g.
App
,Web
,Mini Programs
) with fine-grained control. - Refresh tokens — enable long-lived sessions with secure refresh workflows.
- Flexible token structure — customize token structure and lifecycle management.
- Cookie + API support — works equally well for session-based SSR and token-based APIs.
Laravel Sanctum provides basic API authentication and multiple model support, but falls short when:
- You need fine-grained token control per platform (e.g. App vs Web).
- You require refresh token flows.
- You want customizable token structures instead of being tied to Sanctum’s defaults.
Laravel Tokenable bridges this gap, making token authentication first-class, flexible, and universal across your Laravel projects.
Documentation
Documentation for Laravel Tokenable can be found on the documentation.
Installation
You can install the package via Composer:
composer require jundayw/tokenable
Publish Resources
Your users can also publish all publishable files defined by your package's service provider using the --provider
flag:
php artisan vendor:publish --provider="Jundayw\Tokenable\TokenableServiceProvider"
You may wish to publish only the configuration files:
php artisan vendor:publish --tag=tokenable-config
You may wish to publish only the migration files:
php artisan vendor:publish --tag=tokenable-migrations
Run Migrations
php artisan migrate --path=database/migrations/2025_06_01_000000_create_auth_token_table.php
Usage
Configuration
Use the tokenable
guard in the guards
configuration of your application's auth.php
configuration file:
'guards' => [ 'api' => [ 'driver' => 'tokenable', 'provider' => 'users', ], ],
Model
To start issuing tokens for users, your User model should use the Jundayw\Tokenable\HasTokenable
trait and implement the Jundayw\Tokenable\Contracts\Tokenable
interface.
namespace App\Models; use Jundayw\Tokenable\Contracts\Tokenable; use Jundayw\Tokenable\HasTokenable; class User extends Authenticatable implements Tokenable { use HasTokenable, HasFactory, Notifiable; }
Create Token
$user = User::query()->where([ 'email' => $request->get('email'), 'password' => Hash::make($request->get('password')), ])->first(); if(is_null($user)){ return null; } return $this->guard('web') ->login($user) ->createToken(name: 'PC Token', platform: 'pc');
Refresh Token
return $this->guard('web')->refreshToken();
Revoke Token
return $this->guard()->revokeToken();
Contributing
Contributions are what make the open source community such an amazing place to learn, inspire, and create. Any contributions you make are greatly appreciated.
If you have a suggestion that would make this better, please fork the repo and create a pull request. You can also simply open an issue with the tag "enhancement". Don't forget to give the project a star! Thanks again!
- Fork the Project
- Create your Feature Branch (
git checkout -b feature/AmazingFeature
) - Commit your Changes (
git commit -m 'Add some AmazingFeature'
) - Push to the Branch (
git push origin feature/AmazingFeature
) - Open a Pull Request
Contributors
Thanks goes to these wonderful people:
Contributions of any kind are welcome!
License
Distributed under the MIT License (MIT). Please see License File for more information.