如何仅允许 api 访问 android 或 ios 应用程序(laravel)? [英] How to allow api access to android or ios app only(laravel)?
问题描述
我正在 Laravel 中实现一个 api.
I am implementing an api in laravel.
我想要的是我的 api 不应该从任何地方访问,除了 android/ios 应用程序.我用谷歌搜索并知道我可以使用 API KEY.
what I want is my api should not be accessible from anywhere except from android/ios app.I googled and came to know that I can make use of API KEY.
但我不确定它是否正确.
But I am not sure is it correct way or not.
目前使用 OAuth2 进行用户身份验证.
Currently using OAuth2 for user authentication.
请帮忙.
推荐答案
您要做的是为每个用户创建一个令牌,将其保存在客户端的设备中,并在客户端发出的每个请求中进行验证.
What you want to do is to create a token for each user, save it in the client's device , verify it in each request that the client makes.
>
所以基本上你想:
So basically you want to:
- 为用户表中的令牌创建一个列
- 在用户注册时生成令牌
- 创建一个登录路由,以便用户使用他的电子邮件、密码登录,他将取回存储在设备中的令牌
- 制作一个中间件来检查每个请求中的令牌(除了登录)
- Make a column for the token in the users table
- generate the token when the user registers
- make a login route so that the user would login with his email,password and he will getback the token to store in the device
- make a middleware that would check for the token in each request ( except for the login )
我写了一篇和你想要的完全一样的文章
I wrote an article of the exact same thing you want
这篇关于如何仅允许 api 访问 android 或 ios 应用程序(laravel)?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!