Laravel API Authentication -


i building api using laravel used both mobile , web applications. confused regarding authentication.

basically web application used users both in logged in state , visitor state.

how authentication work in case? if api uses username/password authenticate user visitors?

also, how make sure webapp , mobile app thats making request api? how ensure doesn't programatically doesn't access api , apps can request access data?

you have routes file, , able apply filter (laravel 4) / middleware (laravel 5) routes protect them. assuming using l5 -

route::group('api/v1', function() {     route::group(['middleware' => 'api.auth'], function() {      route::get('protected', function() {        return response()->json(['authenticated response'], 200);      });    });     route::get('guest', function() {      return response()->json(['guest response'], 200);    }); }); 

then need create middleware api.auth - see http://laravel.com/docs/5.1/routing#route-group-middleware , http://laravel.com/docs/5.1/middleware

so happens when try visit /api/v1/protected, laravel run api.auth middleware before lets user go further.

api/v1/guest of course able accessed authenticated users , guest users because there no middleware applied.


Comments

Popular posts from this blog

resizing Telegram inline keyboard -

command line - How can a Python program background itself? -

php - "cURL error 28: Resolving timed out" on Wordpress on Azure App Service on Linux -