Laravel Sanctum for web and api routes

I am using laravel for web and jquery for SPA. How can I protect both web and api routes using laravel sanctum?

And/Or how can I use the token generated from api sanctum and pass to protected web route? TIA!

bugsysha

4 years ago

Level 61

Please don't get me wrong, but how are you using jQuery for SPA? Thanks.

jeromesoriano

4 years ago

Level 1

Using .ajax sir!

martinbean

4 years ago

Level 80

@jeromesoriano Might help to read the docs, which explains great detail how to use Sanctum in both a web and API context.

And you’ll find you don’t store a token generated by Sanctum to protect web routes, as any token returned will be plaintext, stored in client storage (localStorage, etc) and therefore defeats the entire purpose of secure authentication.

jeromesoriano

4 years ago

Level 1

Thank you sir! There's a part I saw in the documentation where it is saying we can protect web routes.

https://laravel.com/docs/8.x/sanctum#protecting-routes

Does this mean, if I used authentication login via web route, I should call everything in web routes and no need to use sanctum for SPA?

Sorry for newbie questions. Thanks for answering. :)

Please or to participate in this conversation.