What is the best way to manage Laravel passport tokens when logout?

2
votes

I would like to know what is the best way to manage tokens in oauth_access_tokens tables of Laravel passport when logout users from API call?

Currently I have only set 8 hours expiration for the token, and keep all the tokens there.

Thanks for your help.

2
laravellaravel-passport

2 Answers

1
votes

If the users logs out then maybe you should remove them. You can add a subscriber to the log out event and do it from there. Take a look at:

https://laravel.com/docs/master/events#writing-event-subscribers

0
votes

php artisan passport:keys --length=512 --force # create 512 character length tokens and etecetera