2.1.0 2021-06-16 14:39 UTC

This package is auto-updated.

Last update: 2022-05-19 16:48:21 UTC


This package provides the same cookie based auth that the CreateFreshApiToken middleware does, but for client_credentials. This is useful when you protect non-user routes, but still want to consume them on the frontend without introducing a proxy.

Most of the code contained in this package is taken from Laravel Passport and adapted for this use-case - all credit goes to that repo.


composer require netsells/passport-client-cookie

Add to your app.php if not using Laravel 5.5+

    // Other service providers


In Http/Kernel.php:

Add to your web middleware group, probably at the bottom.


Replace your CheckClientCredentials route middleware with the passport client check:

'client' => \Netsells\PassportClientCookie\Middleware\CheckClientCredentials::class,


You can disable the checking middleware by pulling the WithoutClientCredentialsMiddleware trait in and calling $this->withoutClientCredentialsMiddleware() at the top of your test.