| 13 |
lars |
1 |
<?php
|
|
|
2 |
|
|
|
3 |
use Laravel\Sanctum\Sanctum;
|
|
|
4 |
|
|
|
5 |
return [
|
|
|
6 |
|
|
|
7 |
/*
|
|
|
8 |
|--------------------------------------------------------------------------
|
|
|
9 |
| Stateful Domains
|
|
|
10 |
|--------------------------------------------------------------------------
|
|
|
11 |
|
|
|
|
12 |
| Requests from the following domains / hosts will receive stateful API
|
|
|
13 |
| authentication cookies. Typically, these should include your local
|
|
|
14 |
| and production domains which access your API via a frontend SPA.
|
|
|
15 |
|
|
|
|
16 |
*/
|
|
|
17 |
|
|
|
18 |
'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', sprintf(
|
|
|
19 |
'%s%s',
|
|
|
20 |
'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1',
|
|
|
21 |
Sanctum::currentApplicationUrlWithPort()
|
|
|
22 |
))),
|
|
|
23 |
|
|
|
24 |
/*
|
|
|
25 |
|--------------------------------------------------------------------------
|
|
|
26 |
| Sanctum Guards
|
|
|
27 |
|--------------------------------------------------------------------------
|
|
|
28 |
|
|
|
|
29 |
| This array contains the authentication guards that will be checked when
|
|
|
30 |
| Sanctum is trying to authenticate a request. If none of these guards
|
|
|
31 |
| are able to authenticate the request, Sanctum will use the bearer
|
|
|
32 |
| token that's present on an incoming request for authentication.
|
|
|
33 |
|
|
|
|
34 |
*/
|
|
|
35 |
|
|
|
36 |
'guard' => ['web'],
|
|
|
37 |
|
|
|
38 |
/*
|
|
|
39 |
|--------------------------------------------------------------------------
|
|
|
40 |
| Expiration Minutes
|
|
|
41 |
|--------------------------------------------------------------------------
|
|
|
42 |
|
|
|
|
43 |
| This value controls the number of minutes until an issued token will be
|
|
|
44 |
| considered expired. If this value is null, personal access tokens do
|
|
|
45 |
| not expire. This won't tweak the lifetime of first-party sessions.
|
|
|
46 |
|
|
|
|
47 |
*/
|
|
|
48 |
|
|
|
49 |
'expiration' => null,
|
|
|
50 |
|
|
|
51 |
/*
|
|
|
52 |
|--------------------------------------------------------------------------
|
|
|
53 |
| Sanctum Middleware
|
|
|
54 |
|--------------------------------------------------------------------------
|
|
|
55 |
|
|
|
|
56 |
| When authenticating your first-party SPA with Sanctum you may need to
|
|
|
57 |
| customize some of the middleware Sanctum uses while processing the
|
|
|
58 |
| request. You may change the middleware listed below as required.
|
|
|
59 |
|
|
|
|
60 |
*/
|
|
|
61 |
|
|
|
62 |
'middleware' => [
|
|
|
63 |
'verify_csrf_token' => App\Http\Middleware\VerifyCsrfToken::class,
|
|
|
64 |
'encrypt_cookies' => App\Http\Middleware\EncryptCookies::class,
|
|
|
65 |
],
|
|
|
66 |
|
|
|
67 |
];
|