How to logout in the api? using Passport in laravel

4
votes

Now when I want to log out my user, I send a post request to my API (with Bearer token)

3
phplaravel
Change the bearer token valueDsRaj
you could try: stackoverflow.com/questions/43318310/…Khine Thu
You can create a get request for logout method with bearer token. And revoke that token.Sachin Kumar
Possible duplicate of How to logout a user from API using laravel PassportNico Haase

3 Answers

7
votes
Route::group(['middleware' => ['auth:api']], function () {
Route::post('/logout', 'UserApiController@logout');
});

UserApiController.php

public function logout(){   
    if (Auth::check()) {
        Auth::user()->token()->revoke();
        return response()->json(['success' =>'logout_success'],200); 
    }else{
        return response()->json(['error' =>'api.something_went_wrong'], 500);
    }
}
1
votes

The answers here are all great. If revoke() does not work i.e 

Auth::user()->token()->revoke();

does not work, use,

  public function logout(Request $request)
  {
    $response =  self::HTTP_CREATED;
    $user= $request->user();
    unset($user->api_token);
    $user->save();

    return response()->json([

      'response' => 'true', 
      'result' => '',
      'message' => 'User logged out'

  ], $response);

  }

The goal is to remove the token from the table which the above code does manually.

0
votes

Also tested with laravel 7.24, if you do not use middleware in api-routes.:

api.php

Route::post('/logout', 'LoginController@logout');

Use the api-guard (= passport) and then the standard laravel passport "revokeAccessToken" method.

public function logout ()
    {
        $tokenRepository = app('Laravel\Passport\TokenRepository');

        $user = auth('api')->user();

        if ($user) {
            $tokenRepository->revokeAccessToken($user->token()->id);
            return 'logged out';
        } else {
            return 'already logged out';
        }
    }