You talk about 'serious drawbacks' of using Auth class code - but you dont really explain drawbacks compared to what? Just manually looking in the database yourself for the user?
All the Auth::onceUsingId()
is doing is logging your user into the application without a session or cookie. This is perfect for an API - as you dont normally have persistence between requests.
You can then do Auth::user()
to get data about the user, such as Auth::user()->name
.