I use Passport package for API Authentication in Laravel Project.
I pass access token via header to verify User actions. but, i need to send access token via API URL.
Like this :
http://aarts.net/rest/api/v1/cart?access_token=vIRTPypU16SuMar6xSK1clzGXOGvOwQPX3WoT71A
I need to send access token via API URL.
Sorry,you can't do that, laravel passport does not support
Related
I am currently using a API to validate Login Credentials.
I have gotten to the point where I am sending username/password correctly.
This API will return a bolean, depending on if those credentials are correct.
Along with the entire user's information, including their address etc.
How can I correctly store this into Laravel Auth, so I can use Auth::user etc in blade?
I do NOT have Database access, only API access to validate user login details.
I cannot create a local - Laravel database, as this application has to be completely API based.
I am using Guzzle to query the API.
You should try using JWT for authentication, implementing your own API Authentication can cause some security issues if not done right.
Also JWT for Laravel already has support for Laravels Authentication system
I need to use Laravel Sanctum in a distributed system, for this case, I have 3 participants:
The user
The API server
The authentication server
The authentication server is only for generate and validate tokens, the API must make the authentication by calling to the authentication server and sending the token in the authorization header of the request. This token it's sent by the user when calling the API (the user had to make a request for a token to the authentication server before)
I want to use Laravel 8 in the API server and also, I want to use Laravel 8 in the authentication server, I know that I can use Laravel Sanctum to handle the API authentication, but it has to be in the same server that the API is in, the middleware auth:sanctum works by searching the token in the same database that the API is in, but now I need that the middleware search the token in the authentication server who has another Laravel with another database, how can I do that? Do I need to do it manually?
I'm doing some Android app that needs API and users.
I'm planning adding login (and register) button via Facebook.
I'm wondering: how should the flow of such an operation look like?
My idea:
Request the Facebook token in the app.
Send the token to the laravel backend by POST request (is this even secure approach?)
Get the Facebook user by Facebook token using socialite
Create / auth laravel user using Facebook user.
Return laravel's bearer token to the app (do I need passport to get the token or laravel has something built in?)
Is this the best approach?
I have created a Laravel 5.4 App, which is a REST based API for serving out data about our inventory to customers.
I have implemented Passport based Authentication, and My customers create a 'Personal Access Tokens' and use that in their client requests. All of this is working fine.
I now need to meter the usage of the API to figure out which user, and which token (by Name) is making the request.
I am able to get the User by using $request->session();, but how do I get the name of the Token that is making the request?
Laravel passport searches for valid tokens in 2 locations:
the bearer token
a cookie
When boiled down, you could use this method to find the token you seek:
$token = $request->bearerToken() ?? $request->cookie(Passport::cookie());
Basically I have an api /mobileapp/register which calls a controller to register a customer on my system. I am trying to use Laravel passport to generate an access token for the non authenticated user but I cannot understand how it will work. Basically I need to allow /mobileapp/register to be accessed securely whether using an access token or something secure. How can we achieve this?