Cannot refresh token after ttl expires

[ghost]

Subject of the issue

Describe your issue here.

Your environment

Q	A
Bug?	yes
New Feature?	no
Framework	Laravel
Framework version	5.7.11
Package version	1.0.0.rc3
PHP version	7.2.1

Steps to reproduce

Follow the documentation to install the package. Have these settings in config/jwt.php:

'ttl' => env('JWT_TTL', 2),
'refresh_ttl' => env('JWT_REFRESH_TTL', 5256000),

This is the routes/api.php:

Route::group(['middleware' => 'api'], function () {
    // User
    Route::group(['prefix' => 'user', 'as' => 'api.user.'], function () {
        Route::post('/refresh', ['as'=>'refresh', 'uses' => 'ApiAuthController@refreshToken']);
    });
});

This is the ApiAuthController:

public function __construct()
    {
        $this->middleware('auth:api', ['except' => ['login','register','refresh']]);
    }
...
    public function refreshToken() {
        $newToken = $this->guard()->refresh();
        $this->guard()->setToken($newToken)->user();
        $user = $this->guard()->user();        
        return response()->json(['user' => $user, 'token' => $newToken], 200);
    }

Expected behaviour

I should receive the correct data in the response

Actual behaviour

The response I get is a Redirection to the Login page. It seems that the request from my mobile app hits the Guard first and that sends a redirection as a response with the message "Unauthenticated."

This does not happen all the time, if I just keep hitting the /user/refresh url then the token refresh succeeds. But if I do not send any requests from the app for 2 minutes (I have timed this multiple times) then I get the above error response. The 2 minutes seems to point to the ttl setting for jwt.

[ghost]

bumping :(

[julianpoma]

Same issue

[hoangcao10]

Same issue

[tnbcc]

Same issue