I've followed all the directions from the documentation and I've also watched the Passport video on Laracasts.
This all seems to focus on unprotected API endpoints, ie: those outside of the auth:api middleware. In Taylor's video example he sets the endpoint as:
Route::get('/user', function (Request $request) {
return $request->user();
});
I'm not sure why anyone would want to leave this sensitive information unprotected, but that's beside the point. I need to have all my routes protected behind the auth middleware like so:
Route::group(['middleware' => 'auth:api'], function() {
Route::get('/user', function (Request $request) {
return $request->user();
});
});
How do I go about getting Passport to authenticate the user? The docs suggest that this should work out of the box, but clearly it doesn't.
via Chebli Mohamed
Aucun commentaire:
Enregistrer un commentaire