You cannot select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and dots ('.'), can be up to 35 characters long. Letters must be lowercase.
83 lines
2.9 KiB
83 lines
2.9 KiB
<?php |
|
|
|
use Laravel\Sanctum\Sanctum; |
|
|
|
return [ |
|
|
|
/* |
|
|-------------------------------------------------------------------------- |
|
| Stateful Domains |
|
|-------------------------------------------------------------------------- |
|
| |
|
| Requests from the following domains / hosts will receive stateful API |
|
| authentication cookies. Typically, these should include your local |
|
| and production domains which access your API via a frontend SPA. |
|
| |
|
*/ |
|
|
|
'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', sprintf( |
|
'%s%s', |
|
'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1', |
|
Sanctum::currentApplicationUrlWithPort() |
|
))), |
|
|
|
/* |
|
|-------------------------------------------------------------------------- |
|
| Sanctum Guards |
|
|-------------------------------------------------------------------------- |
|
| |
|
| This array contains the authentication guards that will be checked when |
|
| Sanctum is trying to authenticate a request. If none of these guards |
|
| are able to authenticate the request, Sanctum will use the bearer |
|
| token that's present on an incoming request for authentication. |
|
| |
|
*/ |
|
|
|
'guard' => ['web'], |
|
|
|
/* |
|
|-------------------------------------------------------------------------- |
|
| Expiration Minutes |
|
|-------------------------------------------------------------------------- |
|
| |
|
| This value controls the number of minutes until an issued token will be |
|
| considered expired. This will override any values set in the token's |
|
| "expires_at" attribute, but first-party sessions are not affected. |
|
| |
|
*/ |
|
|
|
'expiration' => null, |
|
|
|
/* |
|
|-------------------------------------------------------------------------- |
|
| Token Prefix |
|
|-------------------------------------------------------------------------- |
|
| |
|
| Sanctum can prefix new tokens in order to take advantage of numerous |
|
| security scanning initiatives maintained by open source platforms |
|
| that notify developers if they commit tokens into repositories. |
|
| |
|
| See: https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning |
|
| |
|
*/ |
|
|
|
'token_prefix' => env('SANCTUM_TOKEN_PREFIX', ''), |
|
|
|
/* |
|
|-------------------------------------------------------------------------- |
|
| Sanctum Middleware |
|
|-------------------------------------------------------------------------- |
|
| |
|
| When authenticating your first-party SPA with Sanctum you may need to |
|
| customize some of the middleware Sanctum uses while processing the |
|
| request. You may change the middleware listed below as required. |
|
| |
|
*/ |
|
|
|
'middleware' => [ |
|
'authenticate_session' => Laravel\Sanctum\Http\Middleware\AuthenticateSession::class, |
|
'encrypt_cookies' => App\Http\Middleware\EncryptCookies::class, |
|
'verify_csrf_token' => App\Http\Middleware\VerifyCsrfToken::class, |
|
], |
|
|
|
];
|
|
|