I'm using Laravel 7 with Sanctum authentication for my app.
How can i implement the logout procedure?
I use:
Auth::user()->tokens()->delete();
and it works, but It delete all tokens of this user. i would like to delete only the token of the user who requested the logout, in this way the other sessions should remain open
You need to specify the user :
// Revoke a specific user token
Auth::user()->tokens()->where('id', $id)->delete();
// Get user who requested the logout
$user = request()->user(); //or Auth::user()
// Revoke current user token
$user->tokens()->where('id', $user->currentAccessToken()->id)->delete();
Update of Laravel 7, 8 :
// Revoke the token that was used to authenticate the current request...
$request->user()->currentAccessToken()->delete();
// Revoke a specific token...
$user->tokens()->where('id', $tokenId)->delete();
You can use three different approaches
// Revoke all tokens...
$user->tokens()->delete();
// Revoke the token that was used to authenticate the current request...
$request->user()->currentAccessToken()->delete();
// Revoke a specific token...
$user->tokens()->where('id', $tokenId)->delete();
For the logout, you can directly delete the token if you use currentAccessToken().
$request->user()->currentAccessToken()->delete();
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With