Changeset View
Changeset View
Standalone View
Standalone View
src/config/auth.php
Show All 36 Lines | return [ | ||||
'guards' => [ | 'guards' => [ | ||||
'web' => [ | 'web' => [ | ||||
'driver' => 'session', | 'driver' => 'session', | ||||
'provider' => 'users', | 'provider' => 'users', | ||||
], | ], | ||||
'api' => [ | 'api' => [ | ||||
'driver' => 'jwt', | 'driver' => 'passport', | ||||
'provider' => 'users', | 'provider' => 'users', | ||||
], | ], | ||||
], | ], | ||||
/* | /* | ||||
|-------------------------------------------------------------------------- | |-------------------------------------------------------------------------- | ||||
| User Providers | | User Providers | ||||
|-------------------------------------------------------------------------- | |-------------------------------------------------------------------------- | ||||
Show All 40 Lines | return [ | ||||
'passwords' => [ | 'passwords' => [ | ||||
'users' => [ | 'users' => [ | ||||
'provider' => 'users', | 'provider' => 'users', | ||||
'table' => 'password_resets', | 'table' => 'password_resets', | ||||
'expire' => 60, | 'expire' => 60, | ||||
], | ], | ||||
], | ], | ||||
/* | |||||
|-------------------------------------------------------------------------- | |||||
| OAuth Proxy Authentication | |||||
|-------------------------------------------------------------------------- | |||||
| | |||||
| If you are planning to use your application to self-authenticate as a | |||||
| proxy, you can define the client and grant type to use here. This is | |||||
| sometimes the case when a trusted Single Page Application doesn't | |||||
| use a backend to send the authentication request, but instead | |||||
| relies on the API to handle proxying the request to itself. | |||||
| | |||||
*/ | |||||
'proxy' => [ | |||||
'client_id' => env('PASSPORT_PROXY_OAUTH_CLIENT_ID'), | |||||
'client_secret' => env('PASSPORT_PROXY_OAUTH_CLIENT_SECRET'), | |||||
], | |||||
'token_expiry_minutes' => env('OAUTH_TOKEN_EXPIRY', 60), | |||||
machniak: The old default was 1 hour. 24 hours is too much imo. | |||||
'refresh_token_expiry_minutes' => env('OAUTH_REFRESH_TOKEN_EXPIRY', 30 * 24 * 60), | |||||
Done Inline ActionsPlease, make these configurable via .env file. machniak: Please, make these configurable via .env file. | |||||
]; | ]; |
The old default was 1 hour. 24 hours is too much imo.