JWT is configured thanks to tymondesigns/jwt-auth.

Default Configuration

When installing the repository using composer create-project, the following command is executed:
php artisan jwt:generate
which generates the JWT_SECRET needed for the JWT to run.

Json Web Tokens are stateless, this is why we're never storing the tokens in the database.

A sample code for JWT authentication is provided in the LoginController.
Your API knows that a user is authenticated, if he sends the Authorization: Bearer {token} header.
This is automatically configured for you in the API service.

👍

It is recommended that you move the generated token from config/jwt.php to your .env file. This is an upstream limitation that should be fixed in their next release.

🚧

If you're changing the default model for authentication, make sure to update your config/jwt.php to reflect your changes. Specifically you need to update 'user' & 'identifier'.