Information on laravel API - laravel

I need clear information about laravel API.
I've been reading lots of articles about laravel API. Beside choosing between JWT and laravel-passport—which is a whole different level of confusion—I need to get basic information about laravel API to make it clearer to me what's what.
Questions
Why does laravel passport need a database (what's the usage of those tables)?
If I change auth driver to passport in authProvider file, and not use api, would it affect my normal auth behavior?
If i use API (passport) do I have to use laravel-echo or any js library?

Laravel passport needs database to store tokens that are generated and used during authorization. Also, needs to bind these tokens to a specific users.
There are actually 5 new tables that are generated from migrations when installing Laravel Passport:
https://github.com/laravel/passport/tree/7.0/database/migrations
About using Laravel Echo or any js library is optional, and Laravel Passport does not require any of these.
See the Laravel Passport composer.json on requirements and other dependencies:
https://github.com/laravel/passport/blob/7.0/composer.json

Related

Laravel-Authentication: Passport vs Sanctum

I am new to Laravel and for practicing I am trying to create a website like GoFundMe but simpler with Laravel and Vue js.
But am very confused with Laravel's authentication systems, even though I have read most of the questions here.
Which authentication system should I use ? is it ok to use Sanctum for authentication and then Spatie for user permissions?
You have to have a clear concept of the topic authentication & authorization first. You may use Laravel Sanctum powered by Laravel framework as well. Because it provides authentication support for SPAs (single-page applications), mobile applications, and simple, token-based APIs. You may also have a look at passport later.
After passing your authentication, the topic authorization comes. You may use Gate. But as you are new to Laravel framework, then it seems to be a good choice to use laravel spatie for managing your permissions. But keep in mind that, it uses Gate concept under the hood.

Front end of application is built in Laravel livewire and want to consume API's built in Lumen

I was handed over a project by my company, it was made in Laravel with livewire and Nova.The company wants me to redo the app by consuming API's written in Lumen.
The first thing that I want to ask is whether its a good idea and secondly how to go about storing jwt token in Laravel provided by the Lumen login API and use it in subsequent requests?
First question you need to ask is why do they want to rebuild something existing under Laravel to Lumen. Lumen is basically a lightweight version of Laravel. If the idea is to seperate the frontends from the backend you could keep using Laravel, it can definitely be used to define APIs.
Regarding your second question, there are already some existing libraries (https://github.com/dusterio/lumen-passport ) which can help you use Laravel Passport in Lumen, so you shouldn't have any issue and you should be able to use your token everywhere.

Laravel Sanctum: Machine-to-Machine

I've previously implemented Laravel Passport for validating users of an API.
I'm currently looking to use Laravel Sanctum. This will not be for validating users but for validating machine to machine interactions (i.e. API to API).
I've read through the documentation here: https://laravel.com/docs/8.x/sanctum
The above documentation is focussed around generating tokens for users upon logging in. This application has no users and simply needs to generate API tokens for machine to machine authentication.
How would a token be generated without users?
For Machine, to Machine, you have to use Laravel Passport.

How can i create multiple authendication in laravel api?

I have two different registers and logins. How can i create multiple authendication for that using laravel api.
It's a little bit tricky because Laravel Passport doesn't currently support multiple authentication yet. What I did with a previous project of mine is use this package for implementing multiple authentication for APIs using Laravel Passport. The package I've suggested is fairly simple to implement. Go check it out!

Laravel authentication or mix of Laravel and vuejs authentication

I've a question about simplicity of a task. I'm fairly new to laravel and vue js, I'm used to php and javascript though.
I hope my question makes sense since I'm not sure if the technologies work as I think.
So I want to do a SPA project with laravel as backend, vuejs as frontend and mysql for the database. I need the site to be online and want an authentication to grant user access to different parts of the website. Let's say, you have to register yourself. If it's a normal user, he can see the "UserDashboard" and if it is an admin he can see the "AdminDashboard".
I've came across a couple of tutorials which show how to create an authentication system by using vue components to handle login/register/logout... It's pretty complicated and messy in my opinion.
Is it easier to just use laravel authentication and blade templates for authentication and then show the SPA for registered users/admins? If that's possible. Only saw the first option I mention for the moment.
Edit :
Here is a picture to illustrate last approach
Laravel authentication, then show SPA
If you use Laravel Mix, simply have one blade template that hosts your application (it's already set in Laravel). However, if you're using Laravel for API and a separate project for the front-end SPA, use Passport. Here's one of the ways to do it.
If you are using Laravel Mix, the CSRF token is already in a meta tag and is being added to Axios. All you need to do is make on blade template show your app.
You can also have separate blade views for login / registration etc and show SPA when logged in. But that's not really the best practice. Since I've figured out how to use Passport, I've always gone the separate vue project route.

Resources