Issue
I'm currently using Sanctum SPA authentication and noticed that I can log in from Mozilla and Chrome at the same time. This means that users can log in from different devices. How do I prevent this with Sanctum SPA Authentication?
The thing is I think I should be able to do this if I use Sanctum Tokens since I can easily check if the user has an existing token.
$tokens = $user->tokens;
However, the documentation says:
You should not use API tokens to authenticate your own first-party SPA. Instead, use Sanctum's built-in SPA authentication features.
The things I'll lose if I use Sanctum tokens for SPA:
This approach to authentication provides the benefits of CSRF protection, session authentication, as well as protects against leakage of the authentication credentials via XSS.
Or is this outside the scope of Laravel Sanctum?
Solution
After googling I'm convinced that this functionality is not included in Laravel SPA Sanctum out-of-the-box.
But I found this YouTube video that made this possible.
Answered By - jove0610