For my app I need a Rest API and a web application. I’m struggling with the authentication, which should be Form for the web application, and Basic for the REST API. I’m using the CakeDC Users-plugin. If I have understood correctly, it’s not optimal to have both auth-mechanisms in one app.
The apps can have different urls, for example:
https://myapp.com/users/edit/1 for the Form-auth, and https://api.myapp.com/users/edit/1.
The apps should share the same business logic and database, only the auth-mechanism should be different (or possibly other things in the future). This is for avoiding repeating code.
Can I solve this with one plugin to implement it in both apps, which have different auth-mechanisms? Is this considered good practice?
If so, can someone provide me with a good example, or explanation, on how to do this? Eventually, come woth suggestions of a better way to do this.
Thank you in advance