Explain how to use Next.js 14 Middleware for route protection. Provide a code example that checks for a JWT in cookies, validates it, and redirects unauthenticated users to the login page while excluding public assets.