user(); if ($sanctumUser) { Auth::setUser($sanctumUser); return $next($request); } $token = $request->bearerToken(); if ($token) { try { $jwtUser = JWTAuth::setToken($token)->authenticate(); if ($jwtUser) { Auth::setUser($jwtUser); return $next($request); } } catch (JWTException $e) { // fall through to unauthorized response } } return response()->json(['message' => 'Unauthorized.'], 401); } }