loading...

Discussion on: PKCE authenticaton for Nuxt SPA with Laravel as backend

Collapse
themustafaomar profile image
Mustafa Omar

Firstly, Thank you for your great work!
I've been searching for a long time on how to authenticate Vue SPAs with Laravel and found Laravel Passport but it seems that Laravel Passport wasn't made for this purpose!
and PKCE is breaking the UX, actually, this prompt is a bit confuses the users.
I'm looking for something simple for SPAs.
I found an alternative which is Sanctum, I read the intro about it in the docs and found that Scantum was mainly built for SPA.
My question about best practices and security, do you recommend using Sanctum instead?

Collapse
stefant123 profile image
StefanT123 Author

If your both applications are on the same top-level domain, yes, it's best to use Sanctrum. If they are not on the same top-level domain, you can't use Sanctrum.

Collapse
nomikz profile image
nomikz

Thanks for informative post.
I wanted to know if front and back on two domains, can't we use sanctum laravel.com/docs/7.x/sanctum#api-t... api token authentication?

Thread Thread
stefant123 profile image
StefanT123 Author

You can, but I haven't used it yet. I think it's not as flexible as passport.

Collapse
themustafaomar profile image
Mustafa Omar

Thank you for the fast response <3