Resource owner phone verification code credentials grant for Laravel Passport

v2.0.3 2020-02-27 23:03 UTC

This package is auto-updated.

Last update: 2023-01-28 05:10:07 UTC



Resource owner phone verification code credentials grant for Laravel Passport

中文文档 / Chinese document


Under your working folder and run the command in terminal:

composer require qiutuleng/laravel-passport-phone-verification-code-grant



If your laravel version is greater or equal to 5.5, the service provider will be attached automatically.

Other versions, you must needs add \QiuTuleng\PhoneVerificationCodeGrant\PhoneVerificationCodeGrantServiceProvider::class to the providers array in config/app.php:

'providers' => [
     * Package Service Providers...



How to use?


  1. You must needs implement \QiuTuleng\PhoneVerificationCodeGrant\Interfaces\PhoneVerificationCodeGrantUserInterface interface in your User model.

    namespace App;
    use Laravel\Passport\HasApiTokens;
    use Illuminate\Notifications\Notifiable;
    use Illuminate\Foundation\Auth\User as Authenticatable;
    use QiuTuleng\PhoneVerificationCodeGrant\Interfaces\PhoneVerificationCodeGrantUserInterface;
    class User extends Authenticatable implements PhoneVerificationCodeGrantUserInterface
        use HasApiTokens, Notifiable;
  2. Add findOrNewForPassportVerifyCodeGrant and validateForPassportVerifyCodeGrant methods to your User model.

     * Find or create a user by phone number
     * @param $phoneNumber
     * @return \Illuminate\Database\Eloquent\Model|null
    public function findOrCreateForPassportVerifyCodeGrant($phoneNumber)
        // If you need to automatically register the user.
        return static::firstOrCreate(['mobile' => $phoneNumber]);
        // If the phone number is not exists in users table, will be fail to authenticate.
        // return static::where('mobile', '=', $phoneNumber)->first();
     * Check the verification code is valid.
     * @param $verificationCode
     * @return boolean
    public function validateForPassportVerifyCodeGrant($verificationCode)
        // Check verification code is valid.
        // return \App\Code::where('mobile', $this->mobile)->where('code', '=', $verificationCode)->where('expired_at', '>', now()->toDatetimeString())->exists();
        return true;
  3. (Optional) Also you can rename phone_number and verification_code fields in config file:

    To do this, add keys in config/passport.php, example:

        'phone_verification' => [
            'phone_number_request_key' => 'phone',
            'verification_code_request_key' => 'verification_code',

Request Tokens

You may request an access token by issuing a POST request to the /oauth/token route with the user's phone number and verification code.

$http = new GuzzleHttp\Client;

$response = $http->post('http://your-app.com/oauth/token', [
    'form_params' => [
        'grant_type' => 'phone_verification_code',
        'client_id' => 'client-id',
        'client_secret' => 'client-secret',
        'phone_number' => '+8613416292625',
        'verification_code' => 927068,
        'scope' => '',

return json_decode((string) $response->getBody(), true);


You can check out the Laravel/Passport official documentation to learn more


You can create a pull requests to this repository.

Welcome your ideas or code.


If you have any questions, please ask your question in the Issues and I will try my best to help you.