Sorry if this is a real newb question, and this may not even be related to Laravel. I have googled for hours and still couldn't find how I should implement this. I can do some trial-and-error learning, but I need to understand what the real logic behind this is.
I am relatively new to Laravel and still working on my first Laravel project using Laravel 5.1. I have done the user authentication using Laravel's built-in AuthController authentication. Now users can log in to the system and they can browse the system without any issue.
But I am going to implement some user updates using an API and AJAX posts. My question is how I can authenticate those AJAX posts. I do not want to prompt the user for the username/password if they are already logged in, and they should also not be able to perform updates using the API if they are not logged in to the system. Furthermore, I need to redirect them to the login page if their session has expired (I can do this by returning the status, but I should be able to access the same web session for validation).
@ohffs thanks for the great video. It's really easy to work with API/AJAX with Laravel.
But maybe I was not very clear in explaining my issue. That demo does not work with authentication.
I want to authenticate those AJAX posts. I do not want to prompt the user for the username/password if they are already logged in to the web site. And only the logged-in user should be able to update his profile through the API post. Is it possible to share the same web session or use AuthController validation for the API authentication as well, like we do with web requests?
@WPS2 the ajax calls are 'authenticated' as the CSRF token will be checked against the current user - it's up to you if that's enough I guess. If you want something more like your own API keys/tokens you'll probably have to make your own middleware though. Or is your API outside your main app?
@WPS2 hopefully the CSRF token should be "good enough" then? You could add your own API token if you wanted I guess - take something unique about your user, a salt etc.
@ohffs Thanks for your help. I did implement the X-CSRF-TOKEN token and the update is working fine.
But it keeps getting the same token every time, even after I sign out and sign in again. Do we need to keep the same token until the user signs out or until his session expires?
Is it possible to regenerate the token every time the user logs in to the system?
@WPS2 I'm not 100% sure when Laravel regenerates the token - it'll time out after a while though. There's some info here about regenerating it on each request though, which you could probably adapt to suit what you want.
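
Added example, not part of the thread and not Laravel's own code: a browser-side helper for the session-authenticated AJAX post discussed above. It reuses the existing web session cookie, sends the `X-CSRF-TOKEN` header, and turns a 401 into a redirect to the login page. It assumes the route sits behind Laravel's `auth` middleware (which answers AJAX requests from guests with 401) and that the page exposes the token in a `<meta name="csrf-token">` tag; the function names and the `/auth/login` default are hypothetical.

```javascript
// Added example. buildApiRequest, interpretStatus and apiPost are hypothetical
// names; the server side is assumed to guard the route with `auth` middleware,
// so the session cookie (not the CSRF token) is what identifies the user.

// Build fetch() options for a same-origin JSON POST.
function buildApiRequest(csrfToken, payload) {
  if (!csrfToken) throw new Error('missing CSRF token');
  return {
    method: 'POST',
    // Send the existing session cookie, but only to our own origin.
    credentials: 'same-origin',
    headers: {
      'Content-Type': 'application/json',
      // Checked by the VerifyCsrfToken middleware.
      'X-CSRF-TOKEN': csrfToken,
      // Makes $request->ajax() true, so a guest gets 401 instead of a redirect.
      'X-Requested-With': 'XMLHttpRequest',
    },
    body: JSON.stringify(payload),
  };
}

// Map the HTTP status to what the page should do next.
function interpretStatus(status, loginUrl = '/auth/login') {
  if (status >= 200 && status < 300) return { action: 'ok' };
  // Not logged in, or the session has expired.
  if (status === 401) return { action: 'redirect', to: loginUrl };
  // Logged in, but not allowed to touch this resource.
  if (status === 403) return { action: 'forbidden' };
  return { action: 'error', status };
}

// Browser glue: read the token from the page and perform the request.
async function apiPost(url, payload) {
  const meta = document.querySelector('meta[name="csrf-token"]');
  const res = await fetch(url, buildApiRequest(meta && meta.content, payload));
  const next = interpretStatus(res.status);
  if (next.action === 'redirect') window.location.assign(next.to);
  return next;
}
```

On the server, the update handler should still act on the session's authenticated user rather than on a user id taken from the request body.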