jwt-auth

jwt-auth is a PHP package that adds JSON Web Token authentication to Laravel applications. Laravel is a popular PHP framework for building web applications, and JWT is a way of handling user login sessions without storing session data on the server.

When a user logs in to a traditional web application, the server creates a session record and sends back a cookie. Every subsequent request checks the server's session store. JSON Web Tokens work differently: the server issues a compact, cryptographically signed token at login, and the client sends that token with every request. The server can verify the token using a secret key without looking anything up in a database. This stateless approach is useful for APIs and mobile app backends where you do not want to maintain server-side session state.

jwt-auth integrates this flow into Laravel's built-in authentication system. Once installed, you can use Laravel's standard auth helpers and guards with JWT tokens instead of cookies. The package handles token creation, validation, and refresh, and it works with Laravel's middleware system so you can protect routes in the same way you would with session-based auth.

The README itself is minimal and points to the project wiki for full documentation. The package is installed via Composer, PHP's standard dependency manager. With over 11,000 stars, it has been widely adopted by Laravel developers building APIs who want a straightforward way to add token-based authentication without building the JWT logic themselves.