// Created on savesnippets.com · https://savesnippets.com/gUMJQgvkIQQlxq
<?php
function jwtSign(array $claims, string $secret, int $ttlSec = 3600): string {
    $b64 = fn(string $s) => rtrim(strtr(base64_encode($s), '+/', '-_'), '=');

    $now = time();
    $claims = array_merge(['iat' => $now, 'exp' => $now + $ttlSec], $claims);

    $header  = $b64(json_encode(['alg' => 'HS256', 'typ' => 'JWT']));
    $payload = $b64(json_encode($claims, JSON_UNESCAPED_SLASHES));
    $signing = "$header.$payload";
    $sig     = $b64(hash_hmac('sha256', $signing, $secret, true));
    return "$signing.$sig";
}

$token = jwtSign(['sub' => 42, 'role' => 'admin'], getenv('JWT_SECRET'));
echo $token;