Reputation: 124
Laravel Restfull Api Security
to me what is needed to prevent outsiders. I just want to respond to requests from those places I have defined.
Example : allowed applications and url
com.x.app
com.y.app
--------- AND ---------
http://www.x.com
Is there an easy way to do this? Best regards!
Upvotes: 0
Views: 127
Answers (2)
Reputation: 81
You should explain what you want clearly. Basically, to do something like this you need to check the $_SERVER['HTTP_USER_AGENT'] attribute of the HTTP header that you are receiving and filter on Android or iPhone keywords.
Upvotes: 1
Reputation: 184
The best way to build a RESTful API in Laravel is via the routes/api.php
When you add a route to this file, such as the following:
Route::get('/users/list', 'ApiController@userList');
This means when you go to yourwebsite.com/api/users.list, it will execute the given method in the given controller.
As far as authenticating you API users, you can store your users and their API keys in a database and authenticate them before they reach the method by using the magic construct method.
public function __construct() {
$inputKey = filter_input(INPUT_GET, 'key'); //filter input the way you want
if(!isCustomer($inputKey) { //validate api keys in your app somehow
die('Authentication Failure'); //kick the freebooters
}
}
Upvotes: 0
Related Questions
- Best way to make restfull API in Laravel
- Secure API without a user registration - php/Laravel
- Process to secure my REST API with Laravel
- RESTful APIs using Laravel
- How to protect ajax requests in Laravel?
- Laravel API - protecting route access
- Security PHP RESTful API
- REST api authenication with laravel
- Laravel 3 - RESTful API
- Protecting specific request types, restful API, Laravel