Authenticate different frontend with sanctum

Hello everybody,

I want to build a Laravel website that shares almost everything with a React-Native mobile application like authentication. and I want to use Laravel sanctum for this process but then in the docs I found three type of auth that sanctum provides:

SPA Authentication

API Token Authentication

Mobile Application Authentication

I know if I build a Vue client for web I can use (API Token Authentication) to authenticate both with the same approch. but I want a Laravel app for web so what is the best choice for me.

bait-dept

5 years ago

Level 11

Well you'll want to use sanctum for the mobile since it's quite the recommended nowadays but for the web app you can't use it unless it is a SPA.

Therefore why not use the default Authentication of Laravel and use different login systems depending on what is requesting the login (API vs WEB) ?

https://laravel.com/docs/8.x/authentication#introduction

https://laravel.com/docs/8.x/sanctum

uniqueginun

5 years ago

Level 9

first off, thank you so much for your reply.

Ok let's say I used default authentication for my web app and then use sanctum to authenticate my mobile app.

now what about the endpoints that both web and mobile shares. they will be using the same endpoints. how I manage that. since I want them both to consume API routes and not having endpoints for each in (web/API).

bait-dept

5 years ago

Level 11

Assuming your API is a REST API, then you can check if the request is expecting a JSON answer

From the documentation:

Since many applications only serve HTML or JSON, you may use the expectsJson method to quickly determine if the incoming request expects a JSON response:

if ($request->expectsJson()) {
    // ...
}

Please or to participate in this conversation.