0

Recently I've created an app using a Vie.js framework and for the backend, I've used Laravel. Now the problem is that how would you store the API keys (client_secret) securely inside the Vue, which is used to authenticate the users? So they are not exposed to anyone who knows how to use the browsers' dev tool.

Improve this question
3
  • Possible duplicate of How to protect an API Key when using JavaScript? Commented Jan 13, 2018 at 11:25
  • That's a server-side's job. You should decide on the server side if that user is authorized to perform some action. Simplest solution would be to not only check secret key, but also their IP, user agent. Commented Jan 13, 2018 at 11:44
  • The api key should be different for each authenticated user, and should expire and require refresh after some time. Try learning how others use JSON web token. Easiest way : try using auth0(may not be free) on both clients and server. Commented Jan 13, 2018 at 12:30
Related questions
9
What is the laravel way of storing API keys?
30
Best practice for storing auth tokens in VueJS?
1
how to access vue.js api key in laravel application
Load 7 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.