Authentication/Authorization

These features are provided by Laravel's native Fortify and Sanctum packages. Permission are handled by Spatie's Laravel Permissions package. Currently supported authentication features include email verification and password resets.

The sanctum middleware provides a stateful SPA authentication and protection from CSRF and XSS. In addition, a general accessibility (authorized_users_only and read_only) middleware is employed and formRequest authorization is used per specific mutation API route.