I'm currently writing a library to handle that now, but it's in early alpha not yet ready for use. In the meantime, you can refer to this project as an example: https://github.com/jeremykendall/flaming-archer.
Pay special attention to the login route, the Auth DbAdapter, and the Auth middleware.
It uses an array of URIs to secure certain routes, in this case just the admin group of routes.