API Extra Security Layer for Mobile Use with Package Restriction using Laravel

Since i developed both backend and mobile application, there is something i need to protect my API. So, i came out an idea where i need to restrict access from public by app package information. I have been this using for awhile now.

Yes i know, it is not secure enough — no system is safe by the way. Purpose of security layer is to block and slowing down the attackers movement.

credit: www.securitymagazine.com

So, Let’s get started

Create a simple table called app_versions

php artisan make:model AppVersion -m

Then, write a simple migration file. Any extra are welcome to add.

Schema::create('app_versions', function (Blueprint $table) {
    $table->id();
    $table->string('os_type');
    $table->string('app_package_name');
    $table->string('app_version');
    $table->string('update_type'); // 1 - Major 2 - Minor
    $table->text('app_link')->nullable();
    $table->timestamps();
});

Setup AppVersion Model

class AppVersion extends Model
{
    protected $fillable = [
        'app_version',
        'app_package_name',
        'update_type',
        'os_type',
    ];
    
    ...
    public function isMajor()
    {
         return $this->update_type == 2;
    }…