Setup according to the documentation
- Keep the default migrations as token info will be stored at db
- Personal Access Token is what we will use as JWT
- Token lifetime can be set in
AuthServiceProvider
viapersonalAccessTokensExpireIn
- No need to use
CreateFreshApiToken
middleware - Client should store tokens using JavaScript (e.g.,
localStorage
, or js-cookie) - Client should append the
'Authorization': 'Bearer xxx'
header manually