问题
Unfortunately, I can't find a solution for a user case, which must actually occur frequently.
To describe it best, I put here the structure of my routes (web and api) of my laravelapp:
routes/web.php
get(start|products|product/{id}|contact|inprint|login|register)
get(checkout|checkout/(any))->middleware( auth ) // Checkout is a VUE App
routes/api.php
// only the Vue App use the api
get(user|user_orders|user_address) ->middleware( auth )
post (purchase_order) -> middleware(auth)
As you can probably see I want to protect parts of the website. Furthermore, I would like to check every query whether the user is logged in in order to display the logout button in the navbar.
- Is this even possible with an auth system?
- is it possible to secure webroutes with a token based (JWT) auth system? I always thought no.
Thanks for your help!
回答1:
You can do the reverse. That will give you the flexibility to check your auth in your controller with
Auth::check();
With these simple steps, you can check auth in API routes also. So you can integrate the JWT this also along with auth web routes.
You just need to add
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Session\Middleware\StartSession::class,
In your 'API' middleware group
'api' => [
\App\Http\Middleware\EncryptCookies::class,
\Illuminate\Session\Middleware\StartSession::class,
\\ existing code...
],
Thanks,
来源:https://stackoverflow.com/questions/65889210/laravel-auth-problem-for-web-and-api-routes