sanctum.php 2.2 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465
  1. <?php
  2. return [
  3. /*
  4. |--------------------------------------------------------------------------
  5. | Stateful Domains
  6. |--------------------------------------------------------------------------
  7. |
  8. | Requests from the following domains / hosts will receive stateful API
  9. | authentication cookies. Typically, these should include your local
  10. | and production domains which access your API via a frontend SPA.
  11. |
  12. */
  13. 'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', sprintf(
  14. '%s%s',
  15. 'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1',
  16. env('APP_URL') ? ','.parse_url(env('APP_URL'), PHP_URL_HOST) : ''
  17. ))),
  18. /*
  19. |--------------------------------------------------------------------------
  20. | Sanctum Guards
  21. |--------------------------------------------------------------------------
  22. |
  23. | This array contains the authentication guards that will be checked when
  24. | Sanctum is trying to authenticate a request. If none of these guards
  25. | are able to authenticate the request, Sanctum will use the bearer
  26. | token that's present on an incoming request for authentication.
  27. |
  28. */
  29. 'guard' => ['web'],
  30. /*
  31. |--------------------------------------------------------------------------
  32. | Expiration Minutes
  33. |--------------------------------------------------------------------------
  34. |
  35. | This value controls the number of minutes until an issued token will be
  36. | considered expired. If this value is null, personal access tokens do
  37. | not expire. This won't tweak the lifetime of first-party sessions.
  38. |
  39. */
  40. 'expiration' => null,
  41. /*
  42. |--------------------------------------------------------------------------
  43. | Sanctum Middleware
  44. |--------------------------------------------------------------------------
  45. |
  46. | When authenticating your first-party SPA with Sanctum you may need to
  47. | customize some of the middleware Sanctum uses while processing the
  48. | request. You may change the middleware listed below as required.
  49. |
  50. */
  51. 'middleware' => [
  52. 'verify_csrf_token' => App\Http\Middleware\VerifyCsrfToken::class,
  53. 'encrypt_cookies' => App\Http\Middleware\EncryptCookies::class,
  54. ],
  55. ];