zaster's avatar

REST API - How should I proceed

I need to build a web application and a separate mobile app to access the web data.

I thought of having all my routes in the api section.

Is that the way to proceed?

What are the factors I should consider?

topvillas's avatar

If you're building an API then yeah, put all your routes in the API section.

Have you thought about whether you need to secure the API?

zaster's avatar

@topvillas Yes, the API should be secured.

I will have to implement an Authentication system with permissions etc...

topvillas's avatar

For authentication you have a few options.

Passport, Socialite, Sanctum or JWT. They all fill slightly different niches and you'll need to decide which would suit your needs best.

The Tymon JWT package sits very nicely alongside Laravel's auth system.

topvillas's avatar

If you're making a mobile app then Sanctum isn't really an option (I should have mentioned that). It's only really of use if the API and site are on the same top-level domain.

JWT looks like your best option.

topvillas's avatar

Oh, well there you go! I have zero experience with mobile apps.

martinbean's avatar

@zaster If you’re building an API for a mobile app, then I’d use Passport. OAuth is a widely-supported and used spec and is technology agnostic.
