A nice and simple library which allows you to generate a random token with an accompanying expiration date - perfect for creating 'forgotten password' URL's, however the temporary token could be used for anything.

1.0.7 2013-02-03 20:14 UTC



I needed a temporary password reset token generating when a user 'forgot their password'. Although a nice feature, pulling in dependencies for storage seemed overkill and decided to just spin up a quick library that generated a very unique token (it can be made even more unique via a 'salt' - something unique to that instance) and a expiration DateTime object for that token.

I suppose you could use it for any scenario requiring a temporary, guaranteed to expire token - my use case was simply a password reset link token.

What exactly?

Basically this package allows you to generate two things:

  1. A unique token
  2. An expiration time for the above token

For ease you can simply store these inside a users table once a password has been reset, send the user a link to the unique url - and assuming the token matches and hasn't expired let them reset their password.


This library is published on, to install you will need the following in your projects composer.json:

	"require": {
		"mattkirwan/temp-token": "1.0.*"
	"minimum-stability": "dev"

Once you have that, simply run:

php composer.phar update

and then use...


require './vendor/autoload.php';

// Instantiate a new TempToken object
$temp_token = new MattKirwan\TempToken\TempToken();

// Optionally set a unique salt (maybe a username?) for more randomness in the token

// Optionally set the token lifetime in seconds - defaults to 1 hour (3600 secs)

// Optionally set a date format for the token expiration DateTime object

// Generates a new token and token expiration

// Retrieve the token
$token = $temp_token->get_token();

// Retrieve a token expiration DateTime
$token_expires = $temp_token->get_token_expiration();