You will probably want to wrap everything in an API controller - any requests the android app makes should go through the API controller.
So your reoutes might be:
/api/login - returns errors or authentication token /api/register - returns errors or authentication token /api/pictures - returns pictures (you pass authentication token received from login or register method above)
Android app should not have direct access to the DB, the api should handle this - you shouldn't really trust any data coming from the app
Plenty of info/discussion on api design etc on google - doesn't have to be Laravel specific, you just need to get an understanding of the concepts and build into L5
try Dingo api, it has authentication built in, and even supports JWT.. very easy
Sign in to participate in this thread!
We'd like to thank these amazing companies for supporting us