best JWT Cookie middleware

[DIEGOHORVATTI]

What would be the most correct way to use middleware to force routes to use an access token? in my case it works perfectly but there is a problem the automatic documentation does not declare that I need a token for adjacent routes.

import { t } from 'elysia'
import { jwt } from '@elysiajs/jwt'

import { JWT_SECRET as secret } from '@/constants/config'

const schema = t.Object({
  id: t.String(),
  email: t.Optional(t.String({ format: 'email' }))
})

export const jwtSettings = jwt({ name: 'jwt', exp: '7d', secret, schema })

import { Elysia, error, t } from 'elysia'

import { User } from '@/models/User'

import { jwtSettings } from '@/shared/jwt-settings'

export const jwt = (app: Elysia) =>
  app
    .use(jwtSettings)
    .guard({
      as: 'global',
      cookie: t.Cookie({ token: t.String() })
    })
    .derive(async ({ cookie: { token }, jwt }) => {
      if (!token.value) {
        throw error('Unauthorized', { error: 'Nenhum token encontrado nos cookies' })
      }

      const decoded = await jwt.verify(token.value)
      if (!decoded) {
        throw error('Unauthorized', { error: 'Token inválido' })
      }

      const user = (await User.findById(decoded.id))?.toJSON()
      if (!user) {
        throw error('Unauthorized', { error: 'Usuário não encontrado', reLogin: true })
      }

      return { user, token }
    })