4,230 experience to go until the next level!
In case you were wondering, you earn Laracasts experience when you:
Earned once you have completed your first Laracasts lesson.
Earned once you have earned your first 1000 experience points.
Earned when you have been with Laracasts for 1 year.
Earned when you have been with Laracasts for 2 years.
Earned when you have been with Laracasts for 3 years.
Earned when you have been with Laracasts for 4 years.
Earned when you have been with Laracasts for 5 years.
Earned when at least one Laracasts series has been fully completed.
Earned after your first post on the Laracasts forum.
Earned once 100 Laracasts lessons have been completed.
Earned once you receive your first "Best Reply" award on the Laracasts forum.
Earned if you are a paying Laracasts subscriber.
Earned if you have a lifetime subscription to Laracasts.
Earned if you share a link to Laracasts on social media. Please email [email protected] with your username and post URL to be awarded this badge.
Earned once you have achieved 500 forum replies.
Earned once your experience points passes 100,000.
Earned once your experience points hits 10,000.
Earned once 1000 Laracasts lessons have been completed.
Earned once your "Best Reply" award count is 100 or more.
Earned once your experience points passes 1 million.
Earned once your experience points ranks in the top 50 of all Laracasts users.
Started a new Conversation OAuth 2.0 Password Grant Type: Is Client Secret Safe?
Hi, I'm developing an app which has a backend as the API provider and a frontend client that consumes the API from backend. I'm using laravel passport for the OAuth matters and using password grant type.
Since password grant type requires client id and client secret to be sent out along the request body when getting the token, my frontend has to keep the client credentials and it can actually be exposed through the network tab on the browsers.
My question is, is this a safe way to do it? Or is it better to have my own login api endpoint to proxy the oauth/token route from passport? What is the best practice for such case? And what's the worst scenario could happen if people get my client secret? As far as I concern, you can't do much anyway with the client secret cmiiw.
I believe this is a common problem developers encounter. I hope I can have the answer, please share! Thank you! :)
Hi, I know it's been quite some time. But have you figured out the solution? I'm facing the same case, I want to convert a csv file that's stored in the storage (cloud storage in my case) to json. I'm aware fopen() is for local file, but how do I sort of download the file from storage just to allow the file gets read by fopen() ?