Can Laravel Passport be used for authenticating users?

Question

Laravel provides routing for applications in general with their user login/register method.

However; My application is not able to take advantage of the CSRF token and sessions as it's View is powered by Phonegap so i'm forced to use another method of Authentication to ensure all requests from the Phonegap app to the Laravel Routes/Controllers are secure.

Is Laravel passport suitable for this or is OAuth2 used for something different? I just need a bit of guidance as i'm quite new to this method of authentication.

Answer 1

Laravel Passport or oAuth2 for that matter is used to authentic clients (mobile apps or web apps like in your case) to securely use APIs to access data.

So yes Laravel Passport is used to authenticate clients but the way you can use it in your project entirely depends on your exact requirements because if you are just planning to submit forms then you can still do it without using csrf tokens or latsbrl passport or oAuth2 but if you want to build a secure way of allowing tour clients/users to submit and channel data to your backend then yes you should use Laravel Passport.

Laravel 5.3 has a slight challenge interms of implementing laravel passport for APIs and to help you with that i have already written a detailed setup and usage write up here Laravel's 5.3 passport and api routes.

Let me know if you need any help as I have been using oAuth2 and laravel passport recently in almost all of my projects.