I am building a RESTful Laravel 5.1 API. I only want to allow my frontend Angular app to access certain routes, but currently all the routes are simply exposed.
I was going to use auth middleware to check that my frontend app is authorized to access a route:
$router->get('/sensitiveData', ['middleware' => 'auth',
'Resources\Questions@getSensitiveData'
]);
But this is good for checking a specific user.
How can I protect my routes such that only specified client apps can access routes? Should I be registering a ClientID somewhere? How can I specify this?
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire