Little JWT comes with middleware, which allows a token to be validated before the HTTP request is processed any further.
The fully qualified class name can be used:
Route::get('/protected', function () {
//
})->middleware(\LittleApps\LittleJWT\Laravel\Middleware\ValidToken::class);
The 'validtoken'
alias can also be used:
Route::get('/protected', function () {
//
})->middleware('validtoken');
The Valid Token middleware is not responsible for authentication (i.e.: retrieving the user associated with the token). See the guard page for more information on authentication.
The validatables to validate tokens with can be specified. Use any validatable keys (specified in the configuration file) as the parameter:
Route::get('/protected', function () {
// Reaches here after token is validated by both the 'default' and 'guard' validatable.
})->middleware('validtoken:default,guard');
Not specifying any parameters will cause the token to be validated using the default validatable (set in the configuration file):
Route::get('/protected', function () {
// Reaches here after token is validated the the default validatable.
})->middleware('validtoken');