What is the difference between "auth" and "auth:api" middlewares?

Posted 1 year ago by malhayek

I have an application that I am creating using Laravel 5.5 in which I like to use web routes and some API routes.

I installed Laravel "auth" package using php artisan make:auth https://laravel.com/docs/5.5/authentication

Eveything works great on the web routes. To secure my controller, I add the following code to the controller

    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('auth');
    }

and the routes will become allowed after a user logs in.

However, when I add routes to the api.php file and add the $this->middleware('auth'); or $this->middleware('auth:api'); the site rejects the access and send the user back to the /home route.

I am wondering why the auth middleware does not recognized that the user is logged in when using the api routes. Also, why auth:api does not also recognize the the user is logged in. Does the api routes expect a different way to login? if so how would I login using an API?

Please sign in or create an account to participate in this conversation.

Reply to

Use Markdown with GitHub-flavored code blocks.