allanlaal
commented
2 years ago this repo seems to be abandoned, you might have better luck discussing this over at https://github.com/php-open-source-saver/jwt-auth :)
Open sts-ryan-holton opened 2 years ago
allanlaal
commented
2 years ago this repo seems to be abandoned, you might have better luck discussing this over at https://github.com/php-open-source-saver/jwt-auth :)
CitizenBeta
commented
10 months ago @sts-ryan-holton Did you find a solution for Sanctum? I'm in a similar situation where I have a Laravel backend and want to authenticate on a website using a different domain.
sts-ryan-holton
commented
9 months ago @CitizenBeta I moved away from this package. You actually don't need it if you're using the backend as a RESTful API to some kind of front-end. I'm using Nuxt JS. If you're using the same, I'm using v5 of the auth module plugin.
CitizenBeta
commented
9 months ago @sts-ryan-holton I'm using NextJS with Laravel/Sanctum. Do you have any recommendations? It seems like any auth packages add a ton of complexity.
sts-ryan-holton
commented
9 months ago You just need the auth module for the Nuxt project (v5 in particular), then, for the Laravel side of things, you'll need to install Sanctum. I'm using v3 of this. After this, there's not much else to configure other than:
APP_URL=http://localhost:8005
SPA_HOME_URL=http://localhost:3005/
SPA_FRONTEND_URL=http://localhost:3005/
SPA_LOGIN_URL=http://localhost:3005/account/login/
SESSION_DOMAIN=localhost
SANCTUM_STATEFUL_DOMAINS=localhost,localhost:8005,localhost:3005Here's my cors file
<?php
return [
/*
|--------------------------------------------------------------------------
| Cross-Origin Resource Sharing (CORS) Configuration
|--------------------------------------------------------------------------
|
| Here you may configure your settings for cross-origin resource sharing
| or "CORS". This determines what cross-origin operations may execute
| in web browsers. You are free to adjust these settings as needed.
|
| To learn more: https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS
|
*/
'paths' => [
'api/*',
'user/*',
'email/*',
'sanctum/csrf-cookie',
'login',
'logout',
'register',
'forgot-password',
'reset-password',
'two-factor-challenge',
],
'allowed_methods' => ['*'],
'allowed_origins' => ['*'],
'allowed_origins_patterns' => [],
'allowed_headers' => ['*'],
'exposed_headers' => [],
'max_age' => 0,
'supports_credentials' => true,
];
Hi :wave:
I'm currently using library in a production environment on a medium sized system, and like many, feel that this project isn't being maintained.
Recently, Laravel 9 was released, along with PHP 8 less than 2 years ago.
Yesterday I tried changing my local development environment to PHP 8 and experienced the problem whereby this project only relies on PHP 7 and doesn't support PHP 8, furthermore I'm realising that long term I'm likely going to have to switch to something like Laravel Sanctum as my backend is in Laravel, and Laravel 9 includes Sanctum by default.
My issue though is how do I migrate my password hashes over to Sanctum from this project without having to ask customers to change their password?