composer require hogus/api-signature
php artisan vendor:publish --provider=Hogus\\ApiSignature\\ApiSignatureServiceProvider
#sign
API_SIGN_ENABLED=true
API_SIGN_SECRET=secret
#API_SIGN_KEY=sign
#API_SIGN_TIMESTAMP_KEY=timestamp
#API_SIGN_TIMEOUT=60
Add the API signature middleware to the middleware aliases in your Kernel.php
file:
protected $middlewareAliases = [
//...,
'sign' => \Hogus\ApiSignature\Middleware\ApiSignature::class,
]
Apply the sign middleware to the desired routes or route groups:
Route::middleware('sign:api')->group(function () {
// your routes
});
This ensures that the API signature will be verified for all requests to these routes.
If you want to handle API signature verification exceptions in a custom way, you can define a renderable closure in your app/Exceptions/Handler.php
file. For example, to return a JSON response containing the error message:
use Hogus\ApiSignature\ApiSignatureException;
$this->renderable(function (ApiSignatureException $exception, $request) {
return response()->json(['message' => $exception->getMessage()]);
});
- MD5
- Hash(sha256)