I want to check if the incoming requests come from few allowed domains (my own angular clients), so I could secure my app even if the token is sent in each request.
I've tried (from my online app) to access the ip address with $request->getClientIp(); but I always get the same ip: 172.17.0.1 when I acces from postman and the angular client.
I've also tried to get the origin and User-Agent, but it's very easy to change the header from postman, so it would not be secure.
Is there any way to know the client app domain or ip (which is secure over https) from the Laravel restful app?
Edit:
I'm serving my app over Dokku