Open geoff-maddock opened 1 year ago
Test getting the basic auth user to match a database user
Testing Sanctum - it did allow me to generate tokens, but the routes are not being protected by the sanctum middleware
Maybe watch a video that compares these options.
For non-user auth, use auth-code flow: https://auth0.com/docs/get-started/authentication-and-authorization-flow/authorization-code-flow
To get a token - these tokens will just allow access but not set a user.
For auth with a user, we'll hit another route to generate a token that will then also set the user to verify authorization.
Set up an authentication method for the API that will work for a frontend/spa.
Sanctum is an option that would let users create API tokens And also allow auth for an SPA
Passport is a more complex option that supports OAuth2 https://laravel.com/docs/10.x/passport