Fix JWT handling for API access when logging in

2026-04-19 14:53:45 +02:00 · 2018-05-28 14:59:48 -07:00
parent aa61afb58f
commit a1444b047e
7 changed files with 143 additions and 68 deletions
--- a/config/jwt.php
+++ b/config/jwt.php
@@ -0,0 +1,17 @@
+<?php
+
+return [
+    /*
+    |--------------------------------------------------------------------------
+    | JWT Signing Key
+    |--------------------------------------------------------------------------
+    |
+    | This key is used for the verification of JSON Web Tokens in flight and
+    | should be different than the application encryption key. This key should
+    | be kept private at all times.
+    |
+    */
+    'key' => env('APP_JWT_KEY'),
+
+    'signer' => \Lcobucci\JWT\Signer\Hmac\Sha256::class,
+];