One of the biggest problems with laravel fortify today is that it is 100% dependent on standard web systems (this is based on sessions and laravel blade views)

when using guard api together with laravel passport only \Illuminate\Contracts\Auth\StatefulGuard is accepted but laravel passport only accepts Laravel\Passport\Guards\TokenGuard

The right thing to do would be to let laravel fortify be 100% independent of standard web systems (such as sessions and laravel blade)!

With these new improvements it is possible to use Laravel Fortify 100% as an API and be able to work on the client side with frameworks (Vue.js, Nuxt.js, Next.js, React.js, Angular.)

@taylorotwell

AuthenticatedSessionController as the name indicates requires a Session-based guard to work.