cofa/laravel-authentication-flow
Composer 安装命令:
composer require cofa/laravel-authentication-flow
包简介
Simple authentication flow with validation and flexibility of credentials so you can use phone, email whatever you want .
README 文档
README
A simple and flexible authentication package for Laravel applications with JWT support. This package provides a complete authentication flow with login, registration, token refresh, and logout functionality.
Features
- JWT-based authentication
- Login and registration endpoints
- Token refresh mechanism
- Secure logout with token blacklisting
- Configurable token expiration times
- Flexible credential validation
Requirements
- PHP 8.2 or higher
- Laravel 12.x
- Tymon JWT Auth package
Installation
1. Install the package via Composer
composer require cofa/laravel-authentication-flow
2. Configuration (Optional)
The package comes with default configuration that will be automatically merged. If you want to customize the settings, publish the configuration file:
php artisan vendor:publish --provider="Cofa\LaravelAuthenticationFlow\ApiAuthServiceProvider" --tag="config"
This will create a config/apiauth.php file in your application that you can modify.
JWT Configuration
1. JWT Setup
The tymon/jwt-auth package is automatically installed as a dependency. Laravel will handle the provider registration automatically.
2. Generate JWT Secret Key
Generate a secret key for JWT:
php artisan jwt:secret
This will update your .env file with a JWT_SECRET value.
3. Configure Auth Guard
Update your config/auth.php file to use the JWT guard:
'guards' => [ // ... 'api' => [ 'driver' => 'jwt', 'provider' => 'users', ], ],
4. Update User Model
Update your User model to implement the JWT interface:
<?php namespace App\Models; use Tymon\JWTAuth\Contracts\JWTSubject; use Illuminate\Foundation\Auth\User as Authenticatable; use Illuminate\Notifications\Notifiable; class User extends Authenticatable implements JWTSubject { use Notifiable; // ... /** * Get the identifier that will be stored in the subject claim of the JWT. * * @return mixed */ public function getJWTIdentifier() { return $this->getKey(); } /** * Return a key value array, containing any custom claims to be added to the JWT. * * @return array */ public function getJWTCustomClaims() { return []; } }
Configuration Options
You can customize the authentication behavior by modifying the config/apiauth.php file:
return [ 'token_ttl' => 60, // Access token lifetime in minutes 'refresh_ttl' => 10080, // Refresh token lifetime in minutes (7 days) 'guard' => 'api', // The authentication guard to use ];
Usage
The package provides the following API endpoints:
Authentication Routes
All routes are prefixed with /auth:
POST /auth/login- Login with credentialsPOST /auth/register- Register a new userPOST /auth/refresh-token- Refresh access tokenPOST /auth/logout- Logout and invalidate tokens
Example Requests
Login
POST /auth/login Content-Type: application/json { "email": "user@example.com", "password": "YourPassword123!" }
Response:
{
"profile": {
"id": 1,
"name": "John Doe",
"email": "user@example.com",
"createdAt": "2023-01-01T00:00:00.000000Z",
"updatedAt": "2023-01-01T00:00:00.000000Z"
},
"credentials": {
"accessToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...",
"expiresIn": "2023-01-01T01:00:00.000000Z",
"refreshToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...",
"refreshExpiresIn": "2023-01-08T00:00:00.000000Z"
}
}
Refresh Token
POST /auth/refresh-token Content-Type: application/json { "refreshToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." }
Response:
{
"accessToken": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...",
"expiresIn": "2023-01-01T02:00:00.000000Z"
}
Security
This package implements several security features:
- Password validation with complexity requirements
- Token blacklisting for logout
- Separate access and refresh tokens
- Configurable token lifetimes
License
This package is open-sourced software licensed under the MIT license.
cofa/laravel-authentication-flow 适用场景与选型建议
cofa/laravel-authentication-flow 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 607 次下载、GitHub Stars 达 0, 最近一次更新时间为 2025 年 08 月 12 日, 在 PHP 生态内属于活跃度较高的组件。
我们在过去多个企业项目中使用过 cofa/laravel-authentication-flow 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 cofa/laravel-authentication-flow 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
统计信息
- 总下载量: 607
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 30
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2025-08-12