Laravel 5 Auth Logout not destroying session

前端 未结 12 1586
忘掉有多难
忘掉有多难 2021-01-04 00:10

I am using Laravel5 Auth system for my new project, I am able to use registration and login functions with out any problem but logout is not working as expected, however I g

相关标签:
12条回答
  • 2021-01-04 00:30

    Using Laravel 5.2, I registered a listener, handled the logout event and called Session::flush as suggested above. Seemed to work pretty well. Hope this is helpful.

    EventServiceProvider.php

    protected $listen = [
        'App\Events\SomeEvent' => [
            'App\Listeners\EventListener',
        ],
        'Illuminate\Auth\Events\Logout' => [
            'App\Listeners\ClearSessionAfterUserLogout'
        ],
    ]; 
    

    ClearSessionAfterUserLogout.php

    public function handle(Logout $event)
    {
        Session::flush();
    }
    
    0 讨论(0)
  • 2021-01-04 00:32

    I've been fighting with this, and I've come to a solution.

    In short: The Laravel session reads and writes with middleware. It reads the stored session in at the start of the request, and writes any changes at the end of the request. If you make a redirect, then the current request never finishes, and the middleware write doesn't happen.

    So, how to fix this? Depending on your implementation... you should return the redirect command rather than calling it directly.

    return redirect($redirectAfterLogout)
    
    0 讨论(0)
  • 2021-01-04 00:33

    In your case you are not probably reaching the logout() method. If you are using Laravel 5 builting auth mechanism then you will run AuthenticatesAndRegistersUsers trait getLogout() method which does $this->auth->logout();

    Find this code edit the method like below for debugging. If you see the string "Logging out" then you must be logged out. Ohterwise something is wrong with your routing and logout is just never executed.

    /**
     * Log the user out of the application.
     *
     * @return \Illuminate\Http\Response
     */
    public function getLogout()
    {
        dd("Logging out");
        $this->auth->logout();
    
        return redirect('/');
    }
    
    0 讨论(0)
  • 2021-01-04 00:36

    You have not provided any piece of code that you have used. However, the following code works:

    public function getLogout(){
        Auth::logout();
        Session::flush();
        return Redirect::to('/');
    }
    

    The Session::flush();clears all the existing sessions.

    0 讨论(0)
  • 2021-01-04 00:37

    I ran into a similar issue and it turned out using the 'file' driver for sessions somehow the server was creating files it could not modify later but there was no file permission warning. I switched to a redis implementation so I unfortunately can not say how to fix the file creation issue, but thought this might save someone some time.

    0 讨论(0)
  • 2021-01-04 00:39

    trait AuthenticatesUsers

    public function logout(Request $request)
    

    change this

    $request->session()->regenerate();
    

    to this

    $request->session()->regenerate(true);
    
    0 讨论(0)
提交回复
热议问题