I'm creating a vue application using Larvel Passport as the backend. I want to avoid having client-id on the server. This means creating my own authorization controller which doesn't have access to session variables.
I only see one option: Use session middleware and replace the code here: https://github.com/laravel/passport/blob/9.x/src/Http/Controllers/AuthorizationController.php Line: 61, 62, 63
I'm having a hard time finding a solution.
If anyone could point me in the right direction, or if anyone could share some ideas, I'd be very grateful.
P粉0051346852023-09-10 13:01:19
My solution became very simple. I copied the AuthorizationController (mentioned above), removed all references to StatefulGuard, and placed the new controller in the routing group auth:api. This way the user must be logged in to authorize the client.