Reputation: 1153
I am building an application using Laravel and Angular. I have defined the following route
    Route::group(array('prefix' => 'api'), function() {
        Route::resource('getdealsbymerchant/{merchant_id}', 'dealsController@getdealsbymerchant',
            array('only' => array('index')));
    });
I have this route working. When I hit it I get a JSON response.
I have also been able to make an API call in Angular to read the data and display it.
In my app.js I have defined
    var app = angular.module('deals', [])
        .constant('API_URL', 'http://www.coupon.local/api/getdealsbymerchant/');
I am aware that I can protect routes by adding
'middleware' => 'auth',
to the route.
My question is: how do I authenticate my Angular application to make sure that only the Angular application has access to the API and not everyone else?
Do I pass the username and password in app.js, or is there a better way of doing it? Also, since app.js is in the public folder, wouldn't everyone be able to see the username and password I am passing?
Please help. Thanks.
Upvotes: 1
Views: 708
Reputation: 85
Storing any user or password, keys, etc. in Angular is a bad idea because it makes them visible to the user. The best way I know is to make a middle layer, so instead of calling this endpoint: http://www.coupon.local/api/getdealsbymerchant/
Angular should call: http://www.coupon.local/getdealsbymerchant, which internally will make the call to the API and keeps all the private things on the server side.
Upvotes: 1
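The middle layer described in the answer above, sketched as Laravel routes; this is an added example, not code from either poster. Assumptions: a Laravel 5 routes file, PHP 5.6 or later, Guzzle 6 or later, a `services.deals_api.key` config entry, an `X-Api-Key` header name, and the controller's namespace and parameter name.

```php
<?php
// app/Http/routes.php (Laravel 5 layout assumed)
use GuzzleHttp\Client;
use GuzzleHttp\Exception\TransferException;
use Illuminate\Http\Request;

// Private API: only callers that present the server-held key are served.
Route::group(array('prefix' => 'api'), function () {
    Route::get('getdealsbymerchant/{merchant_id}', function (Request $request, $merchant_id) {
        $expected = (string) config('services.deals_api.key'); // assumed config entry
        $given    = (string) $request->header('X-Api-Key');    // assumed header name
        // Fail closed when no key is configured; compare in constant time.
        if ($expected === '' || !hash_equals($expected, $given)) {
            return response()->json(array('error' => 'unauthorized'), 401);
        }
        // Hand over to the question's controller method (namespace and
        // parameter name are assumptions).
        return app()->call(
            'App\Http\Controllers\dealsController@getdealsbymerchant',
            array('merchant_id' => $merchant_id)
        );
    })->where('merchant_id', '[0-9]+');
});

// Middle layer: the only URL app.js calls. The key never leaves the server.
Route::get('getdealsbymerchant/{merchant_id}', function ($merchant_id) {
    $client = new Client(array('timeout' => 5));
    try {
        $upstream = $client->get(
            'http://www.coupon.local/api/getdealsbymerchant/' . $merchant_id,
            array('headers' => array('X-Api-Key' => config('services.deals_api.key')))
        );
    } catch (TransferException $e) {
        // Covers connection failures and 4xx/5xx replies; do not pass
        // upstream details (or the key) back to the browser.
        return response()->json(array('error' => 'upstream unavailable'), 502);
    }
    // Relay the JSON body unchanged.
    return response((string) $upstream->getBody(), 200)
        ->header('Content-Type', 'application/json');
})->where('merchant_id', '[0-9]+'); // only numeric ids reach the upstream URL
```

The middle-layer URL is still reachable by anyone who can reach the site; what this arrangement achieves is that no credential ships in app.js. Adding `'middleware' => 'auth'` to that route restricts it to logged-in users.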