How to logout and redirect to login page using Laravel 5.4?

64
votes

I am using Laravel 5.4 and trying to implement authentication system. I used php artisan command make:auth to setup it. I edited the views according to my layout. Now, when I am trying to logout it throwing me this error

NotFoundHttpException in RouteCollection.php line 161:

could any one help me how to logout?

11
phplaravel-5.4
Post your code to? - Mayank Pandeyz

11 Answers

175
votes

In your web.php (routes):

add:

Route::get('logout', '\App\Http\Controllers\Auth\LoginController@logout');

In your LoginController.php

add:

public function logout(Request $request) {
  Auth::logout();
  return redirect('/login');
}

Also, in the top of LoginController.php, after namespace

add:

use Auth;

Now, you are able to logout using yourdomain.com/logout URL or if you have created logout button, add href to /logout

63
votes

Well even if what suggest by @Tauras just works I don't think it's the correct way to deal with this.

You said you have run php artisan make:auth which should have also inserted Auth::routes(); in your routes/web.php routing files. Which comes with default logout route already defined and is named logout.

You can see it here on GitHub, but I will also report the code here for simplicity:

    /**
     * Register the typical authentication routes for an application.
     *
     * @return void
     */
    public function auth()
    {
        // Authentication Routes...
        $this->get('login', 'Auth\LoginController@showLoginForm')->name('login');
        $this->post('login', 'Auth\LoginController@login');
        $this->post('logout', 'Auth\LoginController@logout')->name('logout');
        // Registration Routes...
        $this->get('register', 'Auth\RegisterController@showRegistrationForm')->name('register');
        $this->post('register', 'Auth\RegisterController@register');
        // Password Reset Routes...
        $this->get('password/reset', 'Auth\ForgotPasswordController@showLinkRequestForm')->name('password.request');
        $this->post('password/email', 'Auth\ForgotPasswordController@sendResetLinkEmail')->name('password.email');
        $this->get('password/reset/{token}', 'Auth\ResetPasswordController@showResetForm')->name('password.reset');
        $this->post('password/reset', 'Auth\ResetPasswordController@reset');
    }

Then again please note that logout requires POST as HTTP request method. There are many valid reason behind this, but just to mention one very important is that in this way you can prevent cross-site request forgery.

So according to what I have just pointed out a correct way to implement this could be just this:

<a href="{{ route('logout') }}" onclick="event.preventDefault(); document.getElementById('frm-logout').submit();">
    Logout
</a>    
<form id="frm-logout" action="{{ route('logout') }}" method="POST" style="display: none;">
    {{ csrf_field() }}
</form>

Finally note that I have inserted laravel out of the box ready function {{ csrf_field() }}!

19
votes

You can use the following in your controller:

return redirect('login')->with(Auth::logout());
13
votes

Best way for Laravel 5.8

100% worked

Add this function inside your Auth\LoginController.php

use Illuminate\Http\Request;

And also add this

public function logout(Request $request)
{
    $this->guard()->logout();

    $request->session()->invalidate();

    return $this->loggedOut($request) ?: redirect('/login');
}
8
votes

here is another way to do it by calling Auth::logout() in route

Route::get('/logout', function(){
   Auth::logout();
   return Redirect::to('login');
});
5
votes

I recommend you stick with Laravel auth routes in web.php: Auth::routes()

It will create the following route:

POST | logout | App\Http\Controllers\Auth\LoginController@logout

You will need to logout using a POST form. This way you will also need the CSRF token which is recommended.

<form method="POST" action="{{ route('logout') }}">
  @csrf
  <button type="submit">Logout</button>
</form>
3
votes

In 5.5

adding

Route::get('logout', 'Auth\LoginController@logout');

to my routes file works fine.

3
votes

In Laravel 6.2

Add the following route to : web.php

Route::post('logout', 'Auth\LoginController@logout')->name('logout');

Using Achor tag with logout using a POST form. This way you will also need the CSRF token. 

 <a class="log-out-btn" href="#" onclick="event.preventDefault();document.getElementById('logout-form').submit();"> Logout </a>

 <form id="logout-form" action="{{ route('logout') }}" method="POST" style="display: none;">
          {{ csrf_field() }}
  </form>
0
votes

If you used the auth scaffolding in 5.5 simply direct your href to:

{{ route('logout') }}

There is no need to alter any routes or controllers.

0
votes

It's better and safer to add to your LoginController.php the following code, that runs only after the standard logout:

use AuthenticatesUsers;

protected function loggedOut(Request $request)
    {
        return redirect('/new/redirect/you/want');
    }
0
votes

if you are looking to do it via code on specific conditions, here is the solution worked for me. I have used in middleware to block certain users: these lines from below is the actual code to logout:

$auth = new LoginController();
$auth->logout($request);

Complete File:

namespace App\Http\Middleware;
use Closure;
use Auth;
use App\Http\Controllers\Auth\LoginController;
class ExcludeCustomers{
    public function handle($request, Closure $next){
        $user = Auth::guard()->user();
        if( $user->role == 3 ) {
            $auth = new LoginController();
            $auth->logout($request);
            header("Location: https://google.com");
            die();
        } 
        return $next($request);
    }
}