Level 39
Looks you want to use a "guest user"
Apr 4, 2022
1
Level 1
Laravel REST API Auth without Users
We're building a product that has a Laravel-based back-end and a Vue SPA front-end. We are building an API layer for the SPA to get relevant data that it may need as a client-side user traverses through the application.
Everything i read about Sanctum and Laravel APIs has to do with authenticating from the prospective of the User. Our use case is such that we need the API to funnel data back and forth but the auth is really between front-end and back-end applications, not through a User model.
Meaning, the API would be used to request data even on some pages where the user is logged out. I realize we could just leave those as open/public api endpoints but we'd love to secure them, if possible. That way we can limit who hits them to just the front-end SPA.
What is the method we need to be going down in order to accomplish this?
Please or to participate in this conversation.