hskwon
798d5149ea
- AuthService: 토큰 발급/갱신 통합 관리 - RefreshController: POST /api/v1/refresh 엔드포인트 추가 - 액세스 토큰 2시간, 리프레시 토큰 7일 (.env 설정) - TOKEN_EXPIRED 에러 코드로 프론트엔드 자동 리프레시 지원 - 리프레시 토큰 일회성 사용 (보안 강화) - Swagger 문서 Auth 태그로 통합
90 lines
3.3 KiB
PHP
90 lines
3.3 KiB
PHP
<?php
|
|
|
|
use Laravel\Sanctum\Sanctum;
|
|
|
|
return [
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Stateful Domains
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Requests from the following domains / hosts will receive stateful API
|
|
| authentication cookies. Typically, these should include your local
|
|
| and production domains which access your API via a frontend SPA.
|
|
|
|
|
*/
|
|
|
|
'stateful' => explode(',', env('SANCTUM_STATEFUL_DOMAINS', sprintf(
|
|
'%s%s',
|
|
'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1',
|
|
Sanctum::currentApplicationUrlWithPort()
|
|
))),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Sanctum Guards
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This array contains the authentication guards that will be checked when
|
|
| Sanctum is trying to authenticate a request. If none of these guards
|
|
| are able to authenticate the request, Sanctum will use the bearer
|
|
| token that's present on an incoming request for authentication.
|
|
|
|
|
*/
|
|
|
|
'guard' => ['web'],
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Expiration Minutes
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| This value controls the number of minutes until an issued token will be
|
|
| considered expired. This will override any values set in the token's
|
|
| "expires_at" attribute, but first-party sessions are not affected.
|
|
|
|
|
| Access Token: SANCTUM_ACCESS_TOKEN_EXPIRATION (default: null, unlimited)
|
|
| Refresh Token: SANCTUM_REFRESH_TOKEN_EXPIRATION (default: null, unlimited)
|
|
|
|
|
*/
|
|
|
|
'expiration' => null, // Global default, can be overridden per token
|
|
|
|
'access_token_expiration' => env('SANCTUM_ACCESS_TOKEN_EXPIRATION'),
|
|
'refresh_token_expiration' => env('SANCTUM_REFRESH_TOKEN_EXPIRATION'),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Token Prefix
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| Sanctum can prefix new tokens in order to take advantage of numerous
|
|
| security scanning initiatives maintained by open source platforms
|
|
| that notify developers if they commit tokens into repositories.
|
|
|
|
|
| See: https://docs.github.com/en/code-security/secret-scanning/about-secret-scanning
|
|
|
|
|
*/
|
|
|
|
'token_prefix' => env('SANCTUM_TOKEN_PREFIX', ''),
|
|
|
|
/*
|
|
|--------------------------------------------------------------------------
|
|
| Sanctum Middleware
|
|
|--------------------------------------------------------------------------
|
|
|
|
|
| When authenticating your first-party SPA with Sanctum you may need to
|
|
| customize some of the middleware Sanctum uses while processing the
|
|
| request. You may change the middleware listed below as required.
|
|
|
|
|
*/
|
|
|
|
'middleware' => [
|
|
'authenticate_session' => Laravel\Sanctum\Http\Middleware\AuthenticateSession::class,
|
|
'encrypt_cookies' => Illuminate\Cookie\Middleware\EncryptCookies::class,
|
|
'validate_csrf_token' => Illuminate\Foundation\Http\Middleware\ValidateCsrfToken::class,
|
|
],
|
|
|
|
];
|