Every user of my application may use the API only within the application with Vue. The old api_token solution works for me, but it seems to be insecure since the api_token is the only thing that separates the user from the data.
I've read about Passport that uses OAuth2 methodology which is far more secure than a simple api_token.
Is there a way to use Passport to achieve this? Note that every time a user is created, I must create a API token to him.
We have no plans to open this API for external applications.
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire