3
votes

I am using Laravel Sanctum SPA authentication in my Vue project. Everything is working well, but even after logout

Auth::logout()

I am still able to get data from the API route inside the middleware

Route::middleware('auth:sanctum')->get('/user', function (Request $request) {
    return $request->user();
});

I should not be able to get data after logout. It should show 401 Unauthenticated, but that's not the case. How do I solve this problem? I have been stuck here for 3 days. I followed the Laravel documentation and other tutorials as well, but everyone logged out the same way I did.

2
Is sanctum the default guard? - lagbox
The above route is written in api.php, so the default guard is api @lagbox - Pemba Tamang
The default guard is set in the configuration auth.php ... when using the auth functions, if you don't pass a guard in, it will use the default ... if the default isn't sanctum then you are potentially calling logout on a different guard - lagbox
OK, then you mean I should pass the sanctum guard in logout? - Pemba Tamang
Did you solve your problem? I have the same issue: everything works well with Postman, but Vue keeps me logged in even if I revoke the token through Postman - Solidus

2 Answers

6
votes

Kindly use Auth::guard('web')->logout(); instead of Auth::logout(). Look into SPA Log out issue

0
votes

In order to log out the specific user, you need to specify the user.

// Revoke a specific user token
Auth::user()->tokens()->where('id', $id)->delete();

// Get user who requested the logout
$user = request()->user(); //or Auth::user()
// Revoke current user token
$user->tokens()->where('id', $user->currentAccessToken()->id)->delete();
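
A logout endpoint that combines the two answers above, as an added example that is not code from the question or from either answer. The controller name `LogoutController` is hypothetical, and the route is assumed to run with session middleware (Sanctum's stateful SPA setup) and PHP 8.

```php
<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Http\Response;
use Illuminate\Support\Facades\Auth;
use Laravel\Sanctum\PersonalAccessToken;

// Hypothetical controller name; added example, not from the thread.
class LogoutController extends Controller
{
    public function __invoke(Request $request): Response
    {
        $user = $request->user();

        // Bearer-token clients: revoke only the token that made this request.
        // Cookie-authenticated SPA requests carry a TransientToken, which has
        // no database row to delete, so check the type before deleting.
        $token = $user?->currentAccessToken();
        if ($token instanceof PersonalAccessToken) {
            $token->delete();
        }

        // SPA cookie sessions belong to the session-based 'web' guard, so log
        // out there explicitly instead of relying on the default guard.
        Auth::guard('web')->logout();

        // Discard the server-side session and rotate the CSRF token so the
        // previous session ID is no longer valid.
        if ($request->hasSession()) {
            $request->session()->invalidate();
            $request->session()->regenerateToken();
        }

        return response()->noContent();
    }
}
```

After this endpoint returns, a request to the `auth:sanctum` route from the question with the old cookie or the revoked token should get 401.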