Answer the question
In order to leave comments, you need to log in
How to work with Laravel sessions?
Hello!
I authorize on the site using tokens When requesting the API, the key comes in the header and compares
it
in the database, the key lives for 1 hour
.
get rid of queries to the database when checking?
Laravel has a Session class, I can’t understand how to manage it.
I need that when a key is generated during authorization, it is also entered into the session for an hour and if there is a session, it skips
Answer the question
In order to leave comments, you need to log in
JWT (Json Web Token) has long been invented for API authorization. JWT is base-64 encoded json object consisting of headers, payload and signature hash. In the payload, you can put all the information that you do not want to run to the database, username, role, etc. The authenticity of the token is guaranteed by the signature. The token is signed on the backend, upon creation, with your secret string. There is a package for Laravel .
JWT website - https://jwt.io
The API cannot have sessions. We need to stop reinventing the wheel and take, for example, Passport.
If there is no opportunity to use Passport, then you need to stop worrying about requests to the database.
If you really want to break all generally accepted conventions and use sessions, then you need to go and read about them in the documentation.
In any case, the session will be drawn from somewhere by some key. This "some key" will live in the cookie, which already breaks the benefits of the token API. Moreover, according to this "some key" data will be pulled from some kind of radish. Better than from the base, but still not instantly.
Do you have millions of users on the site at the same time? Hundreds of millions of visits a day? Not? Then forget.
It will be much easier for you to scale vertically / horizontally than to write the entire authorization on some crutches (cookies). And take laravel-passport.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question