This package is abandoned and no longer maintained. No replacement package was suggested.

Protects API routes with a token

1.0.12 2017-02-06 12:49 UTC

This package is auto-updated.

Last update: 2023-03-18 17:05:04 UTC


Install by running composer require JapSeyz/ApiSecurity and adding \JapSeyz\ApiSecurity\LaravelServiceProvider::class, to config/app.php

Three Environment variables are included, one of them is optional

JAPSEYZ_API_TOKEN: which is the API Token used to secure the routes

JAPSEYZ_APISECURITY_CHECK_AUTH: Which skips authentication if the user is already authenticated. JAPSEYZ_APISECURITY_DISABLE_IN_DEVELOPMENT which skips authentication if the app is set to local environment

Add the "api.check" middleware to any routes that needs to be protected

Send along a header "X-server-token" with every request to the middleware; This headers value should equal the JAPSEYZ_API_TOKEN environment variable.

Add the following route to your api.php if you cant access the one built into the package.

Route::get('/api/timestamp', function () {
  return response()->json([
      'timestamp' => time(),