Hello people!
I want to make an api rest token based with authentication.
Now, I am sending on the header of every request the user token in the authentication header, which is extremely dangerous because I am exposing the token, but I could not find anything according to my requeriments.
The users are being stored in my database.
Could anyone help me please?
Hello! Could you solve it?
hello! no I couldn’t! 
could you help me?
If you are using an SSL connection (https), the token should not be a big problem (see JWT). Or do I misunderstand your question?
I’m not using https, I am trying to implement the code on thephpleague page using oauth2, but it seems I got lost in the way
Well, you should provide more context, example code and maybe a error message or so. Maybe this link is helpful:
1 Like