
Laravel Api Auth
Laravel gives easy ways to handle api authorization using user based tokens, but sometimes you need to use a single token to give access to your application, especially when you're developing two apps that need to be connected, or perhaps you're in need of connecting Telegram-bot to your app endpoint using webhooks
Laravel-api-auth makes that easy as breathe, no migrations, no models
Installing package
If you're using Laravel prior to 5.5, consider using v0.1 branch
$ composer require erjanmx/laravel-api-auth
Publish the Package configuration
$ php artisan vendor:publish --provider="Apiauth\Laravel\CAuthServiceProvider"
Using package
Step 1
Change defaults in config/apiauth.php
setting
- a service name of your remote application name that will connect to your laravel app for example REMOTE_APP
- service token key so it will point to your token in
.env
file for example REMOTE_APP_TOKEN
Step 2
- Add your remote app token in
.env
file
// .env
...your other variables
REMOTE_APP_TOKEN=<secret-token>
Step 3
- Add 'apiauth:REMOTE_APP' middleware to your routes
// /routes/api.php
Route::group(['prefix' => 'v1', 'middleware' => ['apiauth:REMOTE_APP']], function () {
// your routes
});
That's all
Your urls within your group is accessible only if valid token is provided
- In
GET
or POST
request
- In request header as
Authorization Bearer
- In
json
raw body
You're free to change token name (api_token
by default) in configuration file as well as
authorization methods to be checked.
Also you can set as many services as you want.