Skip to content

andriesreitsma/laravel-visa

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

6 Commits
config
config
 
 
routes
routes
 
 
src
src
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
composer.json
composer.json
 
 

Repository files navigation

laravel-visa

Add a VISA to your Laravel Passport, to give SPA's sign-in abilities using Passport ... work in progress

Add CreateFreshApiToken Middleware from laravel\passport add the end of all the web middleware, this way a cookie will be added to the responses coming from the back-end.

    /**
     * The application's route middleware groups.
     *
     * @var array
     */
    protected $middlewareGroups = [
        'web' => [
            ...
            \Laravel\Passport\Http\Middleware\CreateFreshApiToken::class,
        ],

Get CSRF Cookie before signing in with regular props

    const csrf = () => axios.get('/cookie')

Get your csrf cookie before posting to login to acquire a logged-in state

    await csrf()
    await axios.post('/login', [email,password]);

Logout is as simple as loggin in:

    await axios.post('/logout');

Since CSRF vurnability there's a workaround for posting with axios:

import Axios from 'axios'

const axios = Axios.create({
    baseURL: process.env.NEXT_PUBLIC_BACKEND_URL,
    headers: {
        'X-Requested-With': 'XMLHttpRequest',
        'Accept': 'application/json'
    },
    withCredentials: true,
    withXSRFToken: true  //Workaround
})

export default axios

About

Give SPA's sign-in abilities using Passport

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

Initial release Latest
May 2, 2022

Packages

No packages published

Languages