Auth - share the same authenticated user between session and token based auth
I'm looking to implement an auth system. This is my situation:
myApp
|--> administration (web auth) - no problem, I will use the session based auth -
|
|--> users have two parts
|-->first part where there are forms, listing ...
|-->api part (client space built with react)
My main concern is how to share (in a secure and best way) the auth user (same one) between the web part and the API one?
What options do I have?
If you need more clarification, please do not hesitate to ask. Any help is appreciated.
@BAZITERRY
Of course you can maintain the same user because the database would be the same.
Let me give you an example:
if a user registers from the API or from the forms, the data would be maintained in the same table.
@Palak27 Not talking about the users' data, it's about sharing the user auth state (i.e. if he is authenticated by the login form (session based auth), what is the best way to authorize him to use my API (token based auth)). Although I already did a workaround, I just want to be sure if there are other options.
@BAZITERRY To authorize a user by API, you can generate one auth token and store it in the database per user.
When you call the API, pass the authorization token in the header,
and create one middleware to check if the token stored in the database and the one coming from the API header are the same. If both are the same, then the user is authorized.
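The per-user token and middleware check described in the last reply, as an added framework-free sketch that is not code from the thread. It assumes the token is issued right after the session login succeeds, that only a SHA-256 hash of it is stored, and that the `TOKEN_HASHES` dict stands in for a column on the users table; all function names are hypothetical.

```python
import hashlib
import hmac
import secrets

# Assumption: stand-in for a token column on the users table.
# Maps user_id -> SHA-256 hex digest of that user's current API token.
TOKEN_HASHES = {}


def _digest(token: str) -> str:
    return hashlib.sha256(token.encode("utf-8")).hexdigest()


def issue_token(user_id: int) -> str:
    """Call once the session login has succeeded; hand the result to the API client."""
    token = secrets.token_urlsafe(32)       # 256 bits from the OS CSPRNG
    TOKEN_HASHES[user_id] = _digest(token)  # persist the hash, never the token itself
    return token                            # issuing again replaces the old token


def revoke_token(user_id: int) -> None:
    """Call on logout so the API token stops working when the session ends."""
    TOKEN_HASHES.pop(user_id, None)


def authenticate(headers: dict):
    """Middleware check: return the user id for a valid bearer token, else None."""
    scheme, _, token = headers.get("Authorization", "").partition(" ")
    if scheme.lower() != "bearer" or not token.strip():
        return None
    presented = _digest(token.strip())
    matched = None
    for user_id, stored in TOKEN_HASHES.items():
        # Constant-time comparison of stored hash and presented hash.
        if hmac.compare_digest(stored, presented):
            matched = user_id
    return matched


if __name__ == "__main__":
    # Constructed demo: user 42 logs in through the form, then calls the API.
    api_token = issue_token(42)
    print(authenticate({"Authorization": "Bearer " + api_token}))
    revoke_token(42)
    print(authenticate({"Authorization": "Bearer " + api_token}))
```

Storing only the hash means a read of the users table does not yield usable tokens, and tying `revoke_token` to logout keeps the session and the token from outliving each other.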