Laravel quickstart
The 80% case in under 30 lines of code.
Prerequisites
- An app registered in the auth-server. See App registration.
- The shared
JWT_ACCESS_SECRET. - Laravel 11+.
Install
composer require rw3iss/auth-server-laravelphp artisan vendor:publish --tag=vauth-configConfigure
.env:
AUTH_SERVER_URL=https://auth.ryanweiss.netJWT_ACCESS_SECRET=<shared with auth-server>AUTH_APP_CODE=marketplace-buyerconfig/auth.php:
'defaults' => ['guard' => 'web'],'guards' => ['web' => ['driver' => 'rw3iss-jwt', 'provider' => 'users']],'providers'=> [ 'users' => [ 'driver' => 'rw3iss', 'model' => \App\Models\User::class, // optional — for Pattern B ],],Drop the trait on your User model:
use rw3iss\AuthServer\Laravel\Concerns\HasVenAuth;
class User extends Authenticatable{ use HasVenAuth;}Protect routes
// routes/web.php (or api.php)Route::middleware('vauth')->group(function () { Route::get('/me', fn() => auth()->user());
Route::middleware('vauth.role:org_admin,system_admin') ->get('/admin/users', AdminUsersController::class);
Route::middleware('vauth.permission:listings:create') ->post('/listings', CreateListingController::class);});Use the facade
use rw3iss\AuthServer\Laravel\Facades\VenAuth;
$user = VenAuth::user();$canEdit = VenAuth::hasPermission('listings:edit');$isInOrg = VenAuth::hasOrg($orgId);Blade directives
@vauth <a href="/profile">Profile</a>@endvauth
@vrole('org_admin') <a href="/admin">Admin</a>@endvrole
@vperm('listings:create') <button>New listing</button>@endvpermSession apps (Filament / Blade)?
Everything above is the bearer-token pattern. If your app is
session-based — Filament panels, classic Blade — use the package’s
SSO bridge instead: it federates login (password + social SSO) to
the auth-server while keeping your native Laravel session and Eloquent
user, hydrated as a local shadow user keyed by ven_user_id. Opt in
with AUTH_BRIDGE_ENABLED=true plus one link column — see
SSO bridge (Filament).
Next reads
- SSO bridge (Filament) — session federation for Filament / Blade apps.
- auth-server-laravel Overview — middleware aliases, directive list, trait surface.
- auth-server-laravel How it works — guard wiring, user provider, error mapping.
- auth-server-php Overview — the core the Laravel adapter wraps.