diff options
| author | Frankie B <git@diskfloppy.me> | 2023-06-13 21:59:16 +0100 |
|---|---|---|
| committer | Frankie B <frankieraybrown@gmail.com> | 2023-06-14 22:15:44 +0100 |
| commit | a464ef4c0e3ce235fb1da70dfb282449beeeac80 (patch) | |
| tree | 4708f5c996376dd94f2cc49f7d16dc80eef1a4df /config/sanctum.php | |
| parent | 44db6ce1d9cfdca7e175cb74ee7d818b94571bc4 (diff) | |
Initialize laravel app
Diffstat (limited to 'config/sanctum.php')
| -rw-r--r-- | config/sanctum.php | 67 |
1 files changed, 67 insertions, 0 deletions
diff --git a/config/sanctum.php b/config/sanctum.php new file mode 100644 index 0000000..529cfdc --- /dev/null +++ b/config/sanctum.php @@ -0,0 +1,67 @@ +<?php + +use Laravel\Sanctum\Sanctum; + +return [ + + /* + |-------------------------------------------------------------------------- + | Stateful Domains + |-------------------------------------------------------------------------- + | + | Requests from the following domains / hosts will receive stateful API + | authentication cookies. Typically, these should include your local + | and production domains which access your API via a frontend SPA. + | + */ + + 'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', sprintf( + '%s%s', + 'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1', + Sanctum::currentApplicationUrlWithPort() + ))), + + /* + |-------------------------------------------------------------------------- + | Sanctum Guards + |-------------------------------------------------------------------------- + | + | This array contains the authentication guards that will be checked when + | Sanctum is trying to authenticate a request. If none of these guards + | are able to authenticate the request, Sanctum will use the bearer + | token that's present on an incoming request for authentication. + | + */ + + 'guard' => ['web'], + + /* + |-------------------------------------------------------------------------- + | Expiration Minutes + |-------------------------------------------------------------------------- + | + | This value controls the number of minutes until an issued token will be + | considered expired. If this value is null, personal access tokens do + | not expire. This won't tweak the lifetime of first-party sessions. + | + */ + + 'expiration' => null, + + /* + |-------------------------------------------------------------------------- + | Sanctum Middleware + |-------------------------------------------------------------------------- + | + | When authenticating your first-party SPA with Sanctum you may need to + | customize some of the middleware Sanctum uses while processing the + | request. You may change the middleware listed below as required. + | + */ + + 'middleware' => [ + 'verify_csrf_token' => App\Http\Middleware\VerifyCsrfToken::class, + 'encrypt_cookies' => App\Http\Middleware\EncryptCookies::class, + ], + +]; |