Usage

Token authentication

How to setup Sanctum Bearer token-based authentication for Laravel Echo.

Configuration

Beware, that token-based authentication is not recommended for SPA applications.

Sometimes, token authentication might be useful when you cannot host your application on the same TLD or have a mobile or desktop application built with Nuxt (e.g. based on Capacitor).

To explicitly set this authentication mode, update echo.authentication.mode configuration property to token.

You can check the official Laravel documentation here - Authorizing Private Channels.

How it works

You should already have an authenticated user by submitting credentials to your login endpoint, for instance, using the Nuxt Auth Sanctum module.

Once the module has an authentication state, it will request a CSRF cookie from the API, and pass it as an XSRF header to each Echo channel authorization request to confirm the current user identity.

Ensure that you use cookie mode for nuxt-auth-sanctum module to save the CSRF cookie from the API response on authentication requests.

Custom token storage

Default token storage uses cookies to keep the Authentication token and automatically load it for Echo channel authorization requests.

However, you are free to define custom storage in your app.config.ts by implementing an interface (especially, when cookies are not supported, for example - Capacitor, Ionic, LocalStorage, etc).

Check this section for more details - Token storage.

Cookie authentication

How to setup Sanctum cookie-based authentication for Laravel Echo.

useEcho

Composable for working with Echo instance in your code.