I'm building a back end in Laravel for an Android/iPhone APP. I am currently usine JWT-AUTH package for authentication but I have noticed that /register route is pretty much open and if someone wanted, they could create a rogue app and spam my back end with fake registrations.
Is there a way to prevent it? I do not want to use Passport because I would then have to hardcode client_id and client_secret in the mobile app anyway.
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire