Yet Passport in laravel provides the facility to logout itself, still sometimes you may face that you have logged out fromAuth::logout() , but your token is still alive. You need to revoke this token in your logout method.
Routes configuration:
My logout route:
1 | Route::get('logout', 'auth\AuthController@logout'); |
Controller Configuration:
In AuthController.php use following classes / namespaces:
1 2 3 4 | use Illuminate\Support\Facades\Auth; use Lcobucci\JWT\Parser; use Illuminate\Http\Request; use DB; |
Now the logout method in above controller:
1 2 3 4 5 6 7 8 9 10 11 | public function logout(Request $request) { $value = $request->bearerToken(); if ($value) { $id = (new Parser())->parse($value)->getHeader('jti'); $revoked = DB::table('oauth_access_tokens')->where('id', '=', $id)->update(['revoked' => 1]); $this->guard()->logout(); } Auth::logout(); return Response(['code' => 200, 'message' => 'You are successfully logged out'], 200); } |
Using above method the current token’s status will be revoked and it will be not further usable.
thanks. its working but in line 7 cant known guard() method.
what is the $this or where is guard() method?