Laravel backend will be accessing to Lumen via API using Guzzle.
I don't need a database in Lumen, so how can I add security between Laravel and Lumen? As far I am aware if I need pass token I would database access in Lumen.
Lumen is for internal use, which is not for the public to access.
I would do it like this:
- Store a key in your
.envof your laravel installation, call it
- Do the same on the Lumen side
- Create the API endpoint on the Lumen side, as explained in its documentation
- Use Token authentication, to authenticate any client connecting to the Lumen Endpoint(s). The key provided by the connector, needs to be equal to
- for token authentication you can use a header key, or simply a GET-Parameter...something like http://your_Lumen_site/endpoint?token=12345
- Use Guzzle on Laravel to connect to Lumen