kamoca / laravel-jwt-database-blacklist
JWT blacklist storage in database for tymon/jwt-auth
Installs: 16
Dependents: 0
Suggesters: 0
Security: 0
Stars: 0
Watchers: 0
Forks: 0
Open Issues: 0
pkg:composer/kamoca/laravel-jwt-database-blacklist
Requires
- php: ^8.0
- illuminate/database: ^9.0|^10.0|^11.0|^12.0
- illuminate/support: ^9.0|^10.0|^11.0|^12.0
- tymon/jwt-auth: ^2.2
README
A Laravel package to store JWT blacklisted tokens in the database instead of cache.
Built to work with tymondesigns/jwt-auth.
β¨ Features
- π‘οΈ Blacklist JWT tokens in a dedicated database table
- β‘ Works with
tymon/jwt-auth - ποΈ No cache needed
- β Ready for production use
π Installation
composer require kamoca/laravel-jwt-database-blacklist
βοΈ Setup
- Publish migration
php artisan vendor:publish --tag=jwt-blacklist-migrations php artisan migrate
This will create the jwt_blacklists table in your database.
-
Configure JWT
2.1. Set storage
In
config/jwt.php, set thestorageoption:'storage' => Kamoca\JwtDatabaseBlacklist\Providers\Storage\Illuminate::class,
2.2. Ensure blacklist is enabled
In
config/jwt.php, set theblacklist_enabledoption:'blacklist_enabled' => env('JWT_BLACKLIST_ENABLED', true),
Then in your
.envfile:JWT_BLACKLIST_ENABLED=true
Now, when you invalidate a token, it will be stored in the database and blocked from reuse.
π§ Usage
Example logout controller:
use Tymon\JWTAuth\Facades\JWTAuth; use Auth; public function logout() { // These will store {"valid_until":...} in the `jwt_blacklists` table Auth::logout(); auth()->logout(); // These will store 'forever' in the `jwt_blacklists` table JWTAuth::invalidate(JWTAuth::getToken(), true); }
Any request using the same token after invalidation will fail.
π License
Este projeto estÑ licenciado sob a Licença MIT - veja o arquivo LICENSE para detalhes.
π¨βπ» Author
Kauan Morinel Calheiro
- π§ Email: kauan.calheiro@universo.univates.br
- π GitHub: @KauanCalheiro