Abhijit Borkakoty
Reputation: 37
RESTful APIs using Laravel
I am developing REST APIs for my project using Laravel. For every request I am firing a database request to see if the requested api_token exists or not. If not I am giving out a json response saying "Unauthorized access".
if( count($user) == 0 ) {
$toSend['success'] = 0;
$toSend['response'] = 'Unauthorized access';
}
However there is another way to do this. If I just wrap the route with auth:api middleware,
Route::post('/address', 'SomeController@someMethod')->middleware('auth:api');
it does the same thing without having to make a database request. Should I just go with the middleware process or do both ?? Which one is a good practice?
Upvotes: 0
Views: 115
Answers (1)
Albert
Reputation: 174
Always go with the middleware and mention the list of apis in the API group list as follows
Route::group(['middleware' => 'auth:api'], function () {
Route::get('getUser','Testcontroller@getData');
});
Upvotes: 1