Support the ongoing development of Laravel.io →
stojankukrika
posted 9 years ago
Authentication Requests
Last updated 2 years ago.
0
drimz
replied 9 years ago

Hi,

I never did this so maybe somebody will have a better answer.

But i know you can check the origin of the request in the headers.

$request->header('origin');

Then check if secret key match domain.

Last updated 9 years ago.
0
stojankukrika
replied 9 years ago

Origin returns me a null. API key unique but user can use that key in many sites, so I want disable it option.

0
drimz
replied 9 years ago

My bad it's not origin, try with

$request->header('Host');

You can check headers in chrome inspector, look at a javascript request for example ;)

Last updated 9 years ago.
0
stojankukrika
replied 9 years ago

It returns me a API url. Maybe it helps, I call curl on this way:

$query['appkey'] = 'some lenght key';
$str = '';
foreach($query as $k => $v)
     $str .= $k.'='.$v.'&';
$ch = curl_init();
$url = "http://apiwebsite/api/data?" . $str;
curl_setopt($ch, CURLOPT_URL, $url);
curl_exec($ch);
curl_close($ch);
Last updated 9 years ago.
0
drimz
replied 9 years ago

Hmmm,

did you tried with

$request->header('referer');
0

Sign in to participate in this thread!

Eventy

Your banner here too?

stojankukrika stojankukrika Joined 22 Dec 2014

Moderators

We'd like to thank these amazing companies for supporting us

Eventy
Fathom
Forge
Envoyer
Beyond Code
BairesDev
Dotcom-monitor
N-iX

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

Laravel.io

Forum Articles Pastebin

Socials

X (Twitter) GitHub

The community

Laravel Laravel Laravel News Laravel News
Laracasts Laracasts Laravel Podcast Laravel Podcast
© 2024 Laravel.io - All rights reserved.
Terms of service Privacy policy Advertise