Laravel Token Validation (Passport)

Asked

Viewed 351 times

0

I developed an api in Laravel. It’s all right, it’s all working.

The Front-End is being developed in Angular. I would like to know if there is any method provided by passport for validation of acess token.

Example: Angular has a token => Sends the Api => Api (Laravel) validates whether it is a token valid => Returns sim or não.

For this would be necessary after the token spiral time, thus needing to generate a new.

I’m using Ubuntu 18.04.4 LTS and Laravel Framework 6.17.1

laravel angular

2 answers

2


There is no way and even if it is not possible to validate the token in the frontend, if you want to validate one token, or receive another after it expires, it is necessary to send a request to the server.

The Passport validates the token via middleware, which can be used in the Controller or in the route itself:

Route::get('/users', 'UserController@index')->middleware('auth:api');

You can send Accept: application/json in the header to receive the reply in json if the token is valid, if the answer comes 'Unauthenticated' you need to send a new login request to generate another token.

  • That’s what I wanted. And it’s the backendeven if it will validate. The frontend will only send and receive the reply.

1

I strongly recommend that you use token generation/revocation/validation directly in the Standard, as well as perform the desired expiration time settings for some reasons such as:

  • Your API token serves to access API resources while your angular token, to access Angular resources
  • Laravel contains a consolidated framework for API development, such as security... Searching for ways to validate security across different frameworks is not native support for the Laravel framework, which means you’re likely to leave gaps in token security
  • It’s easier to work with the framework token, than to go all the way around

I hope, after an analysis of what is written, that you can follow the right path !!

  • Buddy, I got it. But the token I want to validate is from the Passport itself, only at this point it is being manipulated inside the angular, that’s what I would like to validate again. Forgive my ignorance if your answer answers my question.

Browser other questions tagged laravel angular

You are not signed in. Login or sign up in order to post.