Laravel 5.3 Passport component looks pretty cool, but I have some confusion on it.
On documentation Passport is under API Authentication, and when set config/auth.php, it will change driver to be 'passport' of guards 'api'.
Laravel 5.3 have web.php and api.php to differ routes group to use web middleware or api middleware.
After installed Passport, there's a step to add Passport:routes() to AuthServiceProvider. When I run route:list it will show the new routes are all using web and auth middleware.
My question is why these passport routes using web middleware? For my understand Passport should work for stateless APIs authentication, but web middleware is not.