So I'm building an API for a client. I decided to use Laravel 5 everything works fine except for posting data. I looked online for answers and they all said to include the laravel {{csrf_token()}} function; however, my angular app is a completely separate app in another server than the laravel API. what are some best practices for me to fix this issue?
You can disable the csrf for that page and add basic auth (or any API authentication) instead.
Related
I am working on a react native application for a website which is made in Laravel so all of its APIs are based on Laravel.
I am facing a problem of CSRF token when making POST request to the Laravel Backend. Every Time I am getting a response of Page is Expired.
I have done some research on the issue and found that CSRF tokens are generated by Laravel by default for security purposes. My question is how can I connect to Laravel API.
One solution which was suggested is to use JWT tokens but that's really not a feasible solution for me and I am not sure how to implement JWT Authentication in Laravel.
Another Solution which I have read is that whenever we visit a page made using Laravel then in window object window.csrfToken can be accessed which is the token I need for making the API calls. Is it true? and if it is then how can I get that in React Native Application (should I make a GET request for the website and try to get the token from there is it possible?)
One more solution I think is that we can bypass some routes in Laravel Middleware so that token is not checked.
I need some suggestions on the issue. Also need to know that above solutions are correct or not and which one should I use.
Thanks
I want to use laravel(as backend) and angular(as frontend).
As far as I know I can use 2 methods :-
1) I can integrate both frameworks by using API service or
2) I can use monolithic architecture style (using angular with blade template)
As per my requirements 2nd option is better because in it I can use laravel's default functionalities in angular like (Auth, user roles and permissions etc).
But I afraid that 2nd option makes the project complex and messy in future.
which is the better option?
I have used myself Laravel with Angular v2+, the way I did was to make two separate projects, one which creates the API's (The Laravel app) and one which consumes the API's (Angular v6 app). That is how it is meant to work and that is how you should approach it.
If you want to integrate the front with the back end, and still have a powerful SPA, then you can go with VueJS, there are vast resources when it comes to the Laravel Vue combination.
another thing to consider is what is this project about?
is it a client website? or just a web app? does it require SEO? beware.
make sure you fully understand (angular) universal and it's current limitations/problems.
UPDATE: I am currently using Angular 6 with with Server side rendering(universal) and a Laravel API as a Backend solution for a complex & highly ranked website in the UK.
You have API routes available which doesn't look for CSRF tokens. Use any JWT package for web token authentication implementation. Host your Angular app separately and send request to API routes.
Your Angular apps are standalone applications. They don't need Laravel for running on server. You just need to use API routes for working with data.
i am making a web app use with react 4 and lumen to backend api. i made a login form use on username and password but i don't know how can i logged the user and kick out from the pacge if the user is not logged in.
I looked for many login example for the react but almost all of it use redux and i a newbie on this so it is very complex for me.
I want to learn this logic that means how can i use and why ? how it can be stored secure? how can protect to user like php session in react. how can i use auth middleware like in laravel.
could i use session in react ? is it possible?
no one make an app about i told. i don't want to use express and nodejs. i am using php server on backend ?
please help me
React will be a different server same like php server, you will communicate through REST API Rest is stateless protocol so you cant use php session inside react application, recommended way to solve this issue is introduce JWT in backend Use jwt-auth this reference for that.
I'm currently working on a CakePHP 3 application, trying to connect to Microsoft Azure using OAuth2. To this end, I'm trying to integrate the UseMuffin OAuth2 plugin. However, I'm struggling with the documentation. It seems to describe how to configure the plugin, but not how to actually use it. What methods do I call and how when I want to initiate an OAuth2 authentication? I'm somewhat familiar with OAuth2 itself, already wrote a little stand-alone PHP script that successfully authenticates using Curl. I'm just not sure how the UseMuffin plugin can help.
To be clear, the CakePHP 3 application I'm working on already has its own authentication scheme. I just want some users (not all) that are already authenticated with my application, to connect with Azure, so we can exchange information. I'm not sure the UseMuffin plugin can work alongside an existing means of authentication?
I've got a REST-API made in flask (python) for my mobile app. But, know we wanted to do the web app, so and we'll do it in PHP. Everyone recommends us to use Laravel, but, they say that it's a framework that is strong if you use it completely (this includes the ORM).
For someone who used it before: Is that true? Shall we use another framework in order to make the app web because its an overkill using Laravel? Or there's a good way to use laravel without communicating directly with a database?
Thanks in advance
If you have an API why don't use angular, emberjs or vuejs?
You can use Laravel to connect to the API database or make http_request to the python API in the Laravel controller.
All options are valid.