How to competently make access to a group of routes (for api) only for authenticated users, without using the 'auth' middleware?

R

Romi2021-05-14 18:13:08

Laravel

Romi, 2021-05-14 18:13:08

There is a group of routes for api, which should be given access only to authenticated users. And guests can simply give json with an invitation to authenticate.

Writing Auth::check() in every function is not an option.

middleware 'auth' redirects to /login and in general, as I understand it, not for api.

What's the best thing to do? Just your middleware and hang it on a group of routes?

Or are there any other lara-way options? ))

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

N

netrox, 2021-05-14
@romicohen

https://laravel.com/docs/8.x/passport#introduction
https://laravel.com/docs/8.x/sanctum

D

Denis, 2021-05-14
@sidni

Just your middleware and hang it on a group of routes

Well, yes, write your own version of authentication, for example, through Bearer, if there is a token and everything is fine, log in and provide it to the route, if not, then do what you think is necessary.