I am involved in a project that uses Laravel 5.5 for the backend and React for the frontend, aka SPA (Single Page Application). So far so good, but all of the users have to authenticate through a Central Authentication Service, aka CAS protocol.
I have found a package that implements CAS Auth Workflow quite well for Laravel, Subfission/Cas, but that workflow respects the traditional web requests architecture (Laravel rendering server-side contents on demand to clients, which download rendered html after every request).
In this case, I need to follow the SPA paradigm (Laravel + React), which makes an initial request for the HTML and app.js code, and subsequent interactions are just stateless API calls (served with Laravel, of course)...
From the architectural point of view, how could this be made and what would be the best approach to follow?