doc: update "enable-authentication-and-restriction.md" doc, and examples of jwt-auth and wolf-rbac.

[AlinsRan]

Type of change:

• Bugfix
• New feature provided
• Improve performance
• Backport patches

What this PR does / why we need it:

Pre-submission checklist:

The doc update contains:

• The jwt-auth config and example.
• The wolf-rbac config.
• The key-auth reference K8s Secret object in example.
• Optimize content.

• Did you explain what problem does this PR solve? Or what new features have been added?
• Have you added corresponding test cases?
• Have you modified the corresponding document?
• Is this PR backward compatible? If it is not backward compatible, please discuss on the mailing list first

[AlinsRan]

cc @navendu-pottekkat
Please help review it.

[juzhiyuan]

😂 May I know what's details usage here?

[AlinsRan]

[pottekkat]

Do we have specific reason to use this? If so, could you add it to the style guide on when to use this?

[AlinsRan]

My idea is that there are many authentication methods we haven't written in. If we add configuration to each one later, it may appear very bloated. I think the display effect will be better if we use it. Users can choose the configuration content they care about. What do you think?

[juzhiyuan]

I would suggest we keep using the same style when passing variables, cc @navendu-pottekkat @hf400159

[guitu168]

yes, I've added this to the next edition of the writing guide last week, and I'll be releasing the new style guide this Friday.

[pottekkat]

@AlinsRan Does the ${name} here refer to a value the user has to set? Or is it somehow a variable they are passing?

In the past we have been using name: user-configured-name or some placeholder like that.

// @juzhiyuan @hf400159

[AlinsRan]

This is a variable that users can customize. Do I need to follow the style of the past?

[juzhiyuan]

Just to make sure: whether the * signal is added by your IDE?

[AlinsRan]

Not, I added it.

[juzhiyuan]

So why not keep using -?

[tokers]

I think after each example, we need to give users a tip about using the valueRef field to reference a K8s Secret object so that we can avoid the hardcoded sensitive data in the ApisixConsumer object.

[AlinsRan]

Solved.

[tao12345666333]

the content is correct

[juzhiyuan]

Hi @navendu-pottekkat, please have a review when you have time, thanks!

[tao12345666333]

a kind reminder @navendu-pottekkat @juzhiyuan @hf400159
please help with review in order to complete this PR

[juzhiyuan]

Only some grammar issues left, after updating we could merge.

[juzhiyuan]

So why not keep using -?

[tao12345666333]

LGTM

let's move forward.