DEV Community

Discussion on: Secure authentication in Nuxt SPA with Laravel as back-end

Collapse
 
klukiyan profile image
Kiril Lukiyan

Sorry for newbs question. What is that proxy for?

In order for this to work we need to make a proxy that will make request to our own API. It might seems confusing at first but once we're done it will make perfect sense.

Still don't understand it.

Thank you

Collapse
 
stefant123 profile image
StefanT123

Because we don't want our Passport client_secret exposed, so we are sending it with a proxy that's made in our backend along with the credentials that came from our frontend.

    [code]

    $params = array_merge([
        'client_id' => config('services.passport.password_client_id'),
        'client_secret' => config('services.passport.password_client_secret'),
        'scope' => '*',
    ], $params);

    [code]