the-cans-group/cerberus

Flexible auth / token / utils toolkit for Laravel 12

Maintainers

Details

github.com/the-cans-group/cerberus

Source

Issues

Installs: 2

Dependents: 0

Suggesters: 0

Security: 0

Stars: 0

Watchers: 0

Forks: 0

Open Issues: 0

0.0.4 2025-07-08 15:35 UTC

Requires

Requires (Dev)

MIT 451bc666ea1561814a130de57b96f4fe68fd1d24

  • Uğur CAN <hello.woop@thecans.co>

securityauthlaraveltokensanctum

This package is auto-updated.

Last update: 2025-07-08 15:36:12 UTC

README

A lightweight, extensible multi-device session authentication system for Laravel.

🚀 Installation

composer require the-cans-group/cerberus

1. Register the Service Provider (Laravel 5.x)

// config/app.php
'providers' => [
    Cerberus\CerberusProvider::class,
],

For Laravel 5.5+ this is auto-discovered.

⚙️ Configuration

Publish the config file:

php artisan vendor:publish --tag=cerberus-config

Publish the migration:

php artisan migrate

🔐 Guard Setup

Add to config/auth.php:

'guards' => [
    'cerberus' => [
        'driver' => 'cerberus',
        'provider' => null, // Automatically resolved
    ],
],

🧬 Model Integration

Use the CerberusAuthenticatable trait in your authenticatable model:

use Cerberus\CerberusAuthenticatable;

class User extends Authenticatable
{
    use CerberusAuthenticatable;
}

📲 Usage

Create Access Token

$token = $user->createAccessToken();

Check if Token Belongs to the User

$user->tokenBelongsToThisUser($token); // true / false

List Active Sessions

$user->sessions();

Revoke Tokens

$user->revokeToken($token);         // Revoke specific token
$user->revokeOtherTokens($token);   // Revoke all except this one
$user->revokeAllTokens();           // Revoke all

🧪 Middleware Usage

Route::middleware('auth:cerberus')->group(function () {
    Route::get('/me', fn () => auth()->user());
});

⚙️ Commands

Clean up expired sessions:

php artisan cerberus:prune

🧠 Database Structure

  • cerberus_user_devices: Stores device data
  • cerberus_user_device_sessions: Stores session data
  • Supports polymorphic authenticatable_type/id for multiple model support

🛠️ Configuration Options (config/cerberus.php)

Example:

'token' => [
    'rounds' => 128,
    'prefix' => 'cerberus',
    'encoding' => 'base64url',
    'hash_driver' => 'argon2id',
    'hash_enabled' => true,
],

📄 License

MIT © The Can's Group