Laravel 7 Sanctum logout

6
votes

I'm using Laravel 7 with Sanctum authentication for my app.
How can i implement the logout procedure?
I use:

Auth::user()->tokens()->delete();

and it works, but It delete all tokens of this user. i would like to delete only the token of the user who requested the logout, in this way the other sessions should remain open

3
laravellaravel-sanctum

3 Answers

10
votes

You need to specify the user :

// Revoke a specific user token
Auth::user()->tokens()->where('id', $id)->delete();

// Get user who requested the logout
$user = request()->user(); //or Auth::user()
// Revoke current user token
$user->tokens()->where('id', $user->currentAccessToken()->id)->delete();
7
votes

For the logout, you can directly delete the token if you use currentAccessToken().

$request->user()->currentAccessToken()->delete();
0
votes

Update for Laravel 8.x.x

You can use three different approaches

// Revoke all tokens...
$user->tokens()->delete();

// Revoke the token that was used to authenticate the current request...
$request->user()->currentAccessToken()->delete();

// Revoke a specific token...
$user->tokens()->where('id', $tokenId)->delete();