I think there is something wrong in the user auth #134
Description
I tried to use user_id to generate an api_key, however, i can use this key to access my api without login my app. so i try to read your middleware part code, i find
ApiGuardAuth::authenticate($this->apiKey); on Chrisbjr\ApiGuard\Http\Middleware\ApiGuard.php line 99, this code just return false or the user have been authenticated, but there isn't a judgement on whether two user_ids are equal.
or i just misunderstand your code, and misuse your code. i really appreciate it if you can solve my problem.
Thank you