-
Notifications
You must be signed in to change notification settings - Fork 974
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
get ready for the new Taylor package #231
Comments
Can you elaborate on what's the benefit of changing to airlock from the jwt-auth package? |
nope ) |
this "airlock" will go "poooof" because noone in sane mind would change oauth2.0 on some crap like that |
@yurii-github this repo uses https://github.com/tymondesigns/jwt-auth which has 440 open issues at the moment laravel/airlock proposes two ways of going for a SPA behavior: stateful or stateless depening on the needs, so that's definitely something to consider. |
e-em, no. JWT is JWT, I personally will use directly "firebase/php-jwt" package after I get this SPA template to work in dev mode somehow... hopefully :/ no, i have not used "passport" but it looks as a good wrapper. About "stateful or stateless" - can you show me at least one use case for it, i see none. JS works with session w/o problem, etc.About state.. SPA loads once and its state is on client, that's the main purpose of SPA |
About JWT: AFAIK "laravel/passport" is built on top of "firebase/php-jwt": https://github.com/laravel/passport/blob/4c163b7821d29b6166fc2e93ad7649428b51c6db/composer.json#L19 Haven't found time to test it, but as I understood, Airlock is taking a different approach. When having your front-end served from the same server (basically when you don't have to think about CORS - same approach as in this package) you can use your basic auth flow like in a MPA (session based), and use Airlock to supply the csrf token for you, so that you won't need to refresh the page to get a fresh one. |
This article explains things pretty good: https://divinglaravel.com/authentication-and-laravel-airlock |
fyi, the package has been renamed to https://github.com/laravel/sanctum, seemingly on a whim. |
By "on a whim" you really mean, "because someone threatened a lawsuit". https://blog.laravel.com/airlock-renamed-to-sanctum |
I've published a new branch for Laravel Sanctum if you want to test it. |
Moving to #325 |
https://github.com/laravel/airlock
jwt going to past
also it makes simple refresh tokens ))))
The text was updated successfully, but these errors were encountered: