I would like to ask how can I get back the accessToken from current user?
Background: I would like to develop an api that requires authentication of users.
Now, I am able to create the accessToken by
$accessToken = $user->createToken(‘auth_token’)->accessToken;
but where do I $accessToken? I have done some research on it, and I should not store the accessToken on database, I can get back some of the details of current users token
for example:
I can get back the user token by defining one-to-many relationship
$user->tokens->each(function($token){
})
but it can only get back the field in oauth_access_tokens table, I cannot get back the accessToken.
What I would like to do is, get the accessToken, and pass it to the frontend js.
I have few questions to ask:
1: is it a proper way to pass the accessToken directly from backend to frontend, because I am thinking if someone is able to view the brearer token via dev tools, then user credential will be compromised
2: how can I get back the access token via token id? or I should not get back the accessToken again? Similar to some of the api token service, you can only get the accessToken when you create the token, after created the token, you have to store it locally, and the server will not tell you the access token again?
Thanks!!!! I know I have asked a lot of dumb questions.