I already have a Laravel/Vue web app using Passport. My default guard is auth:api. Also a vuex store is saving my userinfo/token in localStorage
I've implemented spatie permissions on every route by using middlewares:
Route::middleware('auth:api')->group(function() {
Route::get('/view-pdf/{id}',[
'uses' => 'MyController@streamPdf'
])->middleware(['permission:view_pdf']);
)};
All my views are loaded using vue router and all GET/POST/PATCH requests are done with axios using the api routes. So far, so good.
Now I need to make use of web routes for showing some PDFs. Of course the user session is missing so I get an Unauthorized 403 response when permission is missing.
I'm wondering how this can be done. I was thinking on start a session for guard:web once logged in through the api, but I'm not even close to understand how to face this problem.
Is it possible? Should I think about doing it in another way?
Just to clarify, the web routes are needed for streamming PDFs directly from controller using snnapyPDF. In order to do that I open a new window by using window.open('/view-pdf/486') in my vue component. Using axios.get() with blob response is not an option since I won't be able to change the filename nor Url.
Any help will be appreciated.
Aucun commentaire:
Enregistrer un commentaire