d076/sanctum-refresh-tokens

Refresh token realization for laravel sanctum

v3.1.0 2025-07-09 14:48 UTC

This package is auto-updated.

Last update: 2025-07-09 14:49:41 UTC


README

Installation

composer require d076/sanctum-refresh-tokens

Usage

  1. Publish migrations php artisan vendor:publish --tag=sanctum-refresh-tokens

  2. Run migrations php artisan migrate

  3. Extend your User model from AuthenticatableUser

    use D076\SanctumRefreshTokens\Models\AuthenticatableUser;
    
    class User extends AuthenticatableUser
    {
    }
  4. Add prune commands to Schedule

    use Illuminate\Support\Facades\Schedule;
    
    Schedule::command('sanctum:prune-expired --hours=0')->hourly();
    Schedule::command('sanctum:prune-refresh-expired --hours=0')->daily();
  5. To create access and refresh tokens use TokenService

    use D076\SanctumRefreshTokens\Services\TokenService;
    
    /** @var \D076\SanctumRefreshTokens\Models\AuthenticatableUser $user */
    (new TokenService($user))->createTokens();
    (new TokenService($user))->deleteCurrentTokens();
  6. To change tokens expire time configure config/sanctum.php

    'expiration' => env('SANCTUM_ACCESS_TOKEN_EXPIRATION', 60), // minutes
    'refresh_token_expiration' => env('SANCTUM_REFRESH_TOKEN_EXPIRATION', 43200), // minutes
    'refresh_token_expiration_no_remember' => env('SANCTUM_REFRESH_TOKEN_EXPIRATION_NO_REMEMBER', 1440), // minutes