This package provides the same cookie based auth that the CreateFreshApiToken
middleware does, but for client_credentials
. This is useful when you protect non-user routes, but still want to consume them on the frontend without introducing a proxy.
Most of the code contained in this package is taken from Laravel Passport and adapted for this use-case - all credit goes to that repo.
composer require netsells/passport-client-cookie
Add to your app.php if not using Laravel 5.5+
// Other service providers
Netsells\PassportClientCookie\ServiceProvider::class,
],
In Http/Kernel.php
:
Add to your web
middleware group, probably at the bottom.
\Netsells\PassportClientCookie\Middleware\CreateFreshClientCredentialsApiToken::class,
Replace your CheckClientCredentials
route middleware with the passport client check:
'client' => \Netsells\PassportClientCookie\Middleware\CheckClientCredentials::class,
You can disable the checking middleware by pulling the WithoutClientCredentialsMiddleware
trait in and calling $this->withoutClientCredentialsMiddleware()
at the top of your test.