1

I'm reading the book: Build APIs You Won't Hate, and it propose several Authentication methods:

  1. Basic Auth
  2. Digest Authentication
  3. OAuth 1.0a
  4. OAuth 2.0
  5. OpenID
  6. Hawk
  7. Oz

I have a application that will have differents components

  • Internal APIs
  • Laravel WebApp with FB / Google Login via Socialite
  • VueJs
  • Mobile App

I will not have a public API.

I was thinking of using JWT to secure my APIs, but as I don't see it in the book, I'm wondering if I am not making a mistake.

Any advice will be apreciated!

Improve this question
1

2 Answers 2

Reset to default
1

Using JWT is a good practice for securing APIs it is not a mistake as far as I'm concerned.

But as Laravel 5.3 is now released and we have a Laravel Passport (OAuth2 Server) for API authentication which would be very help full to you I think.

You could refer the Laravel 5.3 release note for the document. Also Laracast has a free video tutorial explained in detail.

Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

What is the real benefit of using jwt instead of laravel internal api driver?
I ended using laravel pasaporte!
1

I have achieved JWT auth on Laravel 5.2 using the jwt-auth Laravel package by Sean Tymon, https://github.com/tymondesigns/jwt-auth

If you are interested in an example that uses vue.js for the UI, I have written a post to document my findings, http://jimfrenette.com/2016/11/laravel-vuejs2-jwt-auth/ and have posted the source code on github, https://github.com/jimfrenette/laravel-vuejs-jwt-auth

Improve this answer

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.