Secure register API Cross Origin

Question

Secure register API Cross Origin

Some info

On my internship I'm making a spotify like application. I'm doing the server-side with a laravel API while the other intern is making the client-side with an Ionic/Angularjs app.

Problem

Is it safe to send the password and username with an POSTrequest. On the server-side its encrypted but while its being send its not.

And if its not safe, does anyone know a safe way of doing this.

I Was thinking about hashing the login and then send it but is this really safe?

Thanks in advance and sorry for the bad english.

Why don't you use the token authentication provided by Laravel out-of-the box? Check the [docs](https://laravel.com/docs/5.3/passport) for more info — Gadzhev, Sep 19 '16 at 09:55
Maybe [this](http://stackoverflow.com/questions/1582894/how-to-send-password-securely-over-http) post about security can help you out. — Erik, Sep 19 '16 at 09:55
I'm using it. But for the first login you still have to send the raw data — Casper Spruit, Sep 19 '16 at 09:56

Casper Spruit · Accepted Answer · 2019-09-04T12:51:09.230

2

I ended up using HTTPS. This would make it secure enough.

For future reference, you should probably look at OAuth.

edited Sep 04 '19 at 12:51

answered Sep 20 '16 at 15:08

Casper Spruit

944
1
13
31

Secure register API Cross Origin

Secure register API Cross Origin

1 Answers1