sanctum.php 2.2 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667
  1. <?php
  2. use Laravel\Sanctum\Sanctum;
  3. return [
  4. /*
  5. |--------------------------------------------------------------------------
  6. | Stateful Domains
  7. |--------------------------------------------------------------------------
  8. |
  9. | Requests from the following domains / hosts will receive stateful API
  10. | authentication cookies. Typically, these should include your local
  11. | and production domains which access your API via a frontend SPA.
  12. |
  13. */
  14. 'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', sprintf(
  15. '%s%s',
  16. 'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1',
  17. Sanctum::currentApplicationUrlWithPort()
  18. ))),
  19. /*
  20. |--------------------------------------------------------------------------
  21. | Sanctum Guards
  22. |--------------------------------------------------------------------------
  23. |
  24. | This array contains the authentication guards that will be checked when
  25. | Sanctum is trying to authenticate a request. If none of these guards
  26. | are able to authenticate the request, Sanctum will use the bearer
  27. | token that's present on an incoming request for authentication.
  28. |
  29. */
  30. 'guard' => ['web'],
  31. /*
  32. |--------------------------------------------------------------------------
  33. | Expiration Minutes
  34. |--------------------------------------------------------------------------
  35. |
  36. | This value controls the number of minutes until an issued token will be
  37. | considered expired. If this value is null, personal access tokens do
  38. | not expire. This won't tweak the lifetime of first-party sessions.
  39. |
  40. */
  41. 'expiration' => null,
  42. /*
  43. |--------------------------------------------------------------------------
  44. | Sanctum Middleware
  45. |--------------------------------------------------------------------------
  46. |
  47. | When authenticating your first-party SPA with Sanctum you may need to
  48. | customize some of the middleware Sanctum uses while processing the
  49. | request. You may change the middleware listed below as required.
  50. |
  51. */
  52. 'middleware' => [
  53. 'verify_csrf_token' => App\Http\Middleware\VerifyCsrfToken::class,
  54. 'encrypt_cookies' => App\Http\Middleware\EncryptCookies::class,
  55. ],
  56. ];