I'm setting up a laravel app (v5.1) with jwt auth (https://github.com/tymondesigns/jwt-auth). Got a boilerplate from this project: https://github.com/francescomalatesta/laravel-api-boilerplate-jwt . This way I want to be able to authenticate different apps in the future.
My problem is that I'm trying to create some protected pages in the same project, but I'm currently unable to stop users without the cookie (not authenticated). To "protect" the access I have the following values in my $routeMiddleware (in Kernel.php):
'csrf' => \csd\Http\Middleware\VerifyCsrfToken::class,
'auth' => \csd\Http\Middleware\Authenticate::class,
'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
'guest' => \csd\Http\Middleware\RedirectIfAuthenticated::class,
'jwt.refresh' => \Tymon\JWTAuth\Middleware\RefreshToken::class
I also tried to add 'jwt.auth' => \Tymon\JWTAuth\Middleware\GetUserFromToken::class to this array, but nothing changed.
How can I block users from accessing my pages while using this jwt-auth?
Thanks in advance.
