Open j-jalving opened 4 days ago
Hey @j-jalving!
The documentation is written mostly for web apps and the reason why you should have endpoints without stateful
middleware is that it expects a CSRF cookie/header which will not be included when you work with a token.
I am not an expert in Capacitor, but I would imagine that when you send a request from a mobile application, you don't have Origin/Referer headers, so I guess it should work even with the same endpoints.
Anyway, just make sure that all requests from your mobile application will not be handled by Laravel as CSRF-compatible.
P.S. I would really appreciate it if you could test it and share the feedback so I can update the docs with a clearer description for mobile apps.
I'm trying to implement nuxt-auth-sanctum for my Nuxt/Capacitor project that will be deployed to the web and as a native app. For my web build I will use cookie based authentication, but for my native app build I will use token based authentication.
The documentation tells me:
Does this only go for the login and logout endpoints? Or should all my endpoints ('forgot-password', 'user', etc.) have separate versions for clients that use token based authentication?