Tuesday, May 23, 2017

How to secure API endpoints without user authentication

I am creating a SPA using Angular 2 & Lumen 5.4. Let's just say there are two routes: one GET route that returns JSON data to display, and one POST route for uploading files to the database. It's an in-house app that will have no login (this is out of my hands).

How can I properly secure the endpoints? For the POST upload form I could include a hidden token, but that isn't secure at all. All of the authentication tutorials for Lumen involve user login, which is not an option for me.

Any examples or tutorials would really help, since I have always used user authentication in the past.



via ghan
