Hi,
I never did this so maybe somebody will have a better answer.
But i know you can check the origin of the request in the headers.
$request->header('origin');
Then check if secret key match domain.
Origin returns me a null. API key unique but user can use that key in many sites, so I want disable it option.
My bad it's not origin, try with
$request->header('Host');
You can check headers in chrome inspector, look at a javascript request for example ;)
It returns me a API url. Maybe it helps, I call curl on this way:
$query['appkey'] = 'some lenght key';
$str = '';
foreach($query as $k => $v)
$str .= $k.'='.$v.'&';
$ch = curl_init();
$url = "http://apiwebsite/api/data?" . $str;
curl_setopt($ch, CURLOPT_URL, $url);
curl_exec($ch);
curl_close($ch);
Sign in to participate in this thread!
The Laravel portal for problem solving, knowledge sharing and community building.
The community