Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
Hi.
I'm making an API, and I will use laravel for that. No problemo here.
I want to do TWO completely separate projects. I want to use simple blade pages in the front.
The main problem in my mind:
I would have an endpoint like domain.com/api/auth and when I login successfuly, a token will be return from the API (maybe some additional info like user name etc.)
The code in the FRONT project
// LoginController
public function store()
{
// guzzle?
$response = $http->post('https://domain.com/api/auth', [
'email' => '[email protected]',
'password' => 'secret'
]);
// $response ---> ['token' => '...', 'user' => ['name' => '...', 'email' => '...']];
// successfull
// save the token in my DB? (Database of the Front End project, only to save the login users for example?)
return redirect('dashboard');
}
Then I guess I would only have to do the requests with the saved token to the API
// ProfileController
public function update()
{
// ...
$response = $http->put('https://domain.com/api/me', [
'token' => 'Saved-token-from-the-db',
'some_data' => 'to update the profile'
]);
return back();
}
Is this a good way? Any ideas?
Thanks!
@luddinus Laravel Passport: https://laravel.com/docs/master/passport
But I’d not split your project into two separate applications/repositories unless you have the capacity to continually maintain two applications, update framework versions etc.
@martinbean Hey, thanks for the answer.
Actually I handle the API via jwt, no need for me to use Passport, that's not my question.
I want to split my project because I want to handle the API (backend) and some partner to focus only in the front-end, but using Laravel/Blade.
So I think, my main question is: Is it Guzzle a good option to make requests to the API?
@LUDDINUS - Yes, Guzzle is pretty standard for making requests backend. You’ll see it in lots of tutorials.
And what about to "save" the API users to use in FRONT pages (protected)?
I want to use Blade pages, and make a middleware to protect the views (if the user is logged, go, if not, redirect to the login page for example).
The idea I have in mind is to save in database the users that are logged via API, that way I could use the middleware mentioned before in an easy way.
Please or to participate in this conversation.