0
I am developing a Chat where it can be accessed both by the web and by an application, so I have done a project in Laravel with an api, both the site and the application will be fed through the api that is on the same server what I am in doubt is how much authentication
Applying
In my application I am using JWT to authenticate the user, so each request I need to pass a token, this token is obtained at login
Then I’ll put this one away token on a local session on the device so you don’t have to log in every time
Website
But how should I authenticate on the site, if I’m already feeding it through the api I should also authenticate through the api?
Log in, obtain the token, save in a session and in any request pass the token obtained?
It seems to me an unsafe method
Tip: either you pass the relevant parts of the link here to the site, to turn a reply even, or post as comment (and warns that the site is your own). The way it is, you get what’s classified as spam here. Note that it’s okay for you to complement an answer with a link from you, as long as it actually resolves the post without needing the link, and the link actually complements it. But in this case, always warning when the site is your own. More details on [help]. Knowing the operation of the site, the community will better enjoy their goodwill in helping and you will be scored for it.
– Bacco
The question was answered and the site entered as a suggestion of a possible need, which was not presented by the questioner. So I didn’t bring the content of the text. But I will edit and remove the link, not to spam.
– Mauricio Rodrigues
You can leave the link, but put a warning that is your own, it is more cool. If you can supplement the response, you will add value and the votes can be reviewed.
– Bacco