aboutsummaryrefslogtreecommitdiff
path: root/config/sanctum.php
diff options
context:
space:
mode:
Diffstat (limited to 'config/sanctum.php')
-rw-r--r--config/sanctum.php67
1 files changed, 67 insertions, 0 deletions
diff --git a/config/sanctum.php b/config/sanctum.php
new file mode 100644
index 0000000..529cfdc
--- /dev/null
+++ b/config/sanctum.php
@@ -0,0 +1,67 @@
+<?php
+
+use Laravel\Sanctum\Sanctum;
+
+return [
+
+ /*
+ |--------------------------------------------------------------------------
+ | Stateful Domains
+ |--------------------------------------------------------------------------
+ |
+ | Requests from the following domains / hosts will receive stateful API
+ | authentication cookies. Typically, these should include your local
+ | and production domains which access your API via a frontend SPA.
+ |
+ */
+
+ 'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', sprintf(
+ '%s%s',
+ 'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1',
+ Sanctum::currentApplicationUrlWithPort()
+ ))),
+
+ /*
+ |--------------------------------------------------------------------------
+ | Sanctum Guards
+ |--------------------------------------------------------------------------
+ |
+ | This array contains the authentication guards that will be checked when
+ | Sanctum is trying to authenticate a request. If none of these guards
+ | are able to authenticate the request, Sanctum will use the bearer
+ | token that's present on an incoming request for authentication.
+ |
+ */
+
+ 'guard' => ['web'],
+
+ /*
+ |--------------------------------------------------------------------------
+ | Expiration Minutes
+ |--------------------------------------------------------------------------
+ |
+ | This value controls the number of minutes until an issued token will be
+ | considered expired. If this value is null, personal access tokens do
+ | not expire. This won't tweak the lifetime of first-party sessions.
+ |
+ */
+
+ 'expiration' => null,
+
+ /*
+ |--------------------------------------------------------------------------
+ | Sanctum Middleware
+ |--------------------------------------------------------------------------
+ |
+ | When authenticating your first-party SPA with Sanctum you may need to
+ | customize some of the middleware Sanctum uses while processing the
+ | request. You may change the middleware listed below as required.
+ |
+ */
+
+ 'middleware' => [
+ 'verify_csrf_token' => App\Http\Middleware\VerifyCsrfToken::class,
+ 'encrypt_cookies' => App\Http\Middleware\EncryptCookies::class,
+ ],
+
+];
generated by cgit v1.2.3-54-g00ecf (git 2.39.0) at 2024-11-01 11:35:27 +0000