andriesreitsma/laravel-visa

My Laravel Passport add-on package

Maintainers

Details

github.com/andriesreitsma/laravel-visa

Homepage

Source

Issues

Installs: 13

Dependents: 0

Suggesters: 0

Security: 0

Stars: 2

Watchers: 1

Forks: 0

v0.0.1 2022-05-02 07:26 UTC

Requires

Requires (Dev)

MIT 1f788984633be2e0439205b9bb4f9330a7423b3d

  • Andries Reitsma B.V. <studio.woop@andriesreitsma.nl>

authlaravel

This package is auto-updated.

Last update: 2024-04-20 13:43:23 UTC

README

Add a VISA to your Laravel Passport, to give SPA's sign-in abilities using Passport ... work in progress

Add CreateFreshApiToken Middleware from laravel\passport add the end of all the web middleware, this way a cookie will be added to the responses coming from the back-end.

    /**
     * The application's route middleware groups.
     *
     * @var array
     */
    protected $middlewareGroups = [
        'web' => [
            ...
            \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
        ],

Get CSRF Cookie before signing in with regular props

    const csrf = () => axios.get('/cookie')

Get your csrf cookie before posting to login to acquire a logged-in state

    await csrf()
    await axios.post('/login', [email,password]);

Logout is as simple as loggin in:

    await axios.post('/logout');

Since CSRF vurnability there's a workaround for posting with axios:

import Axios from 'axios'

const axios = Axios.create({
    baseURL: process.env.NEXT_PUBLIC_BACKEND_URL,
    headers: {
        'X-Requested-With': 'XMLHttpRequest',
        'Accept': 'application/json'
    },
    withCredentials: true,
    withXSRFToken: true  //Workaround
})

export default axios