# Intro

Tea makes use of JWT for authentication.

A JWT expires after 10 years and it uses a secret key to make the encryption stronger.

Make sure that APP_SECRET is set inside .env.

Tea will set APP_SECRET after running:

composer create-project devlob/teodora projectName

but if for whatever reason APP_SECRET is not set, then you can run:

php tea key:generate

# Register

In order to authenticate, you obviously need a user.

Tea comes with a route and a controller to make that possible.

If you need to change the registration process, then update app/Http/Controllers/Auth/RegisterController class.

The uri to register a user is /register.

# Login

After you successfully create a user you can authenticate with that user.

Tea comes with a route and a controller to make that possible.

If you need to change the login process, then update the app/Http/Controllers/Auth/LoginController class.

The uri to login a user and get a token back is /login.

# API middleware

If you need to protect a route from non-authenticated users, then you can make use of the api middleware:

$router->put('/products/{id}', 'ProductController@update')->middlewares(['api']);

Make sure you pass the token in every request for Tea to validate the token and allow access.