JWT Authentication with Refresh Tokens multiple auth

[jimnguyendev]

Hi, I am implementing refresh_token api with two guards Admin and User.
When the access_token expires I want to use middleware to check the token expires. However JwtAuth::parseToken()->authenticate() is accepting the token from the Admin guard even though I'm accessing the path where the guard is User. How do I solve this. Thank.
Here is my implementation:

Route

  Route::group([
        'middleware' => ['auth:admin']
    ], static function() {
        Route::get('admin/profile', [AuthController::class, 'profile']);
    });

  Route::group([
        'middleware' => ['auth:user']
    ], static function() {
        Route::get('user/profile', [AuthController::class, 'profile']);
    });

App\Http\Middleware\Authenticate

 public function handle($request, Closure $next, ...$guards)
{
      try {
          if (!JwtAuth::parseToken()->authenticate()) {
              return response(...);
          }
          return $next($request);
      } catch (TokenExpiredException $e) {
          Log::error($e);
         return response(...);
      } catch (TokenInvalidException $e) {
          Log::error($e);
          return response(...);
      } catch (JWTException $e) {
          Log::error($e);
          return response(..);
      }
}

[leon0399]

Hi! Are you using different models for User and Admin entities?

[jimnguyendev]

Yes, this is my config:

   'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
        'user' => [
            'driver' => 'jwt',
            'provider' => 'users',
        ],
        'admin' => [
            'driver' => 'jwt',
            'provider' => 'admins',
        ],
    ],

and

  'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\Models\User::class,
        ],
        'admins' => [
            'driver' => 'eloquent',
            'model' => App\Models\Admin::class,
        ],
    ],