feature/SGRD-9 | Support regex realm matching

[amrography]

We can pass the realm names like following:

Route::middleware('auth:jwt(root|foo),web, ... guards')

The Authenticate middleware will first attempt to auth user with JWT guard, use the given realms. If it fails, it will continue to auth all the other guards.

Changes:

for Laravel 10, update app/Http/Kernel.php:

protected $middlewareAliases = [
- 'auth' => \Illuminate\Auth\Middleware\Authenticate::class,
+ 'auth' => \Supaapps\Guard\Http\Middleware\Authenticate::class,

For Laravel 11, update bootstrap/app.php see

+->withMiddleware(function (Middleware $middleware) {
+    $middleware->alias([
+        'auth' => \Supaapps\Guard\Http\Middleware\Authenticate::class,
+    ]);
+})

---

Also, I can apply a totally different approach. Here in middleware aliases, I can separate the logic from default Authenticate middleware:

protected $middlewareAliases = [
  'auth' => \App\Http\Middleware\Authenticate::class,
  'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
  'auth.session' => \Illuminate\Session\Middleware\AuthenticateSession::class,
+ 'auth.jwt' => **MIDDLEWARE THAT SETS REALM NAMES THEN AUTH**
...

And the usage will be like:

Route::middleware('auth.jwt:root,foo') // or auth.jwt:regex pattern

---

The idea is simple here, let's assume we have .env like:

SUPAAPPS_GUARD_AUTH_REALM_NAME=root,foo,bar

Then it matches JWT aud of all of the following:

- root
- foo
- bar

[SirNarsh]

jwt:.* any realm
jwt:root|tggy allows audience root & tggy
jwt realm from env var

[amrography]

jwt:.* any realm jwt:root|tggy allows audience root & tggy jwt realm from env var

We don't have jwt middleware. We protect routes by adding middleware('auth:jwt')