I have one user class which consists of two types of users and want to allow different users to go to different pages.
I have created a filter as follows:
    Route::filter('isExpert', function()
    {
        $userIsExpert = 0;
        $userIsLoggedIn = Auth::check();
        if ($userIsLoggedIn && Auth::user()->role == 'expert') {
            $userIsExpert = 1;
        }
        Log::info('Logged in: ' . $userIsLoggedIn . ' && Expert: ' . $userIsExpert);
        if ($userIsExpert == 0)
        {
            Log::info('should be logging out now.');
            Auth::logout();
            return Auth::basic();
        }
    });
And routing like so:
    Route::get('/winners', array('before' => 'isExpert', function()
    {
        $winners = DB::select('select * from winners');
        return View::make('winners.index')->with('winners', $winners);
    }));
The thought is this: if it's not an expert, it will log out and redirect to the login page. If it is, it will simply continue. However, Auth::logout(); doesn't ever log out the user.
Question
Why isn't Auth::logout() working? I've tried placing it anywhere in the app to no avail.
cheers
I had the same problem, I really couldn't log out the current user... And the answer is simple: Laravel doesn't support logout() with Auth::basic().
There are ways to fix it, but they're not very clean: https://www.google.nl/search?q=logout+basic
This is not a limitation of Laravel; HTTP Basic Authorization is not designed to handle logging out. The client will remain logged in until the browser is closed.
HTTP Basic Authorization really shouldn't be used in any public production environment. Here are some reasons why:
The only valid case I can think of is to protect public development-subdomains like dev.example.com, but there are better ways to solve that as well.
The easiest way that I've found for that is to redirect to an invalid username/password on the logout route. Example:
    Route::get('admin/logout', function() {
        return Redirect::to(preg_replace("/:\/\//", "://log-me-out:fake-pwd@", url('admin/logout')));
    });
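The exchange behind both answers above, as an added example that is not code from the original posts: a simplified Python model of a server that logs out and then runs the Basic check, and of a browser that caches Basic credentials. The account, the paths and the `Browser` class are constructed assumptions; real browsers differ in how they treat credentials embedded in a URL.

```python
import base64
import hmac

USERS = {"alice": "s3cret"}   # constructed sample account
SESSION = {}                  # server-side login state

def server(path, headers):
    """Return an HTTP status. Models 'log out, then run the Basic check'."""
    if path == "/logout":
        SESSION.clear()                       # the server forgets the user...
    auth = headers.get("Authorization", "")
    user = pw = ""
    if auth.startswith("Basic "):
        try:
            user, _, pw = base64.b64decode(auth[6:]).decode().partition(":")
        except ValueError:                    # bad base64 or bad UTF-8
            user = pw = ""
    if user in USERS and hmac.compare_digest(USERS[user].encode(), pw.encode()):
        SESSION["user"] = user                # ...and the header logs them back in
        return 200
    return 401                                # sent with WWW-Authenticate: Basic

class Browser:
    """Simplified user agent: resends cached credentials on every request."""
    def __init__(self):
        self.cached = None

    def get(self, path, creds=None):
        if creds:                             # typed at the prompt or given in the URL
            self.cached = creds
        headers = {}
        if self.cached:
            token = base64.b64encode(":".join(self.cached).encode()).decode()
            headers["Authorization"] = "Basic " + token
        status = server(path, headers)
        if status == 401:
            self.cached = None                # rejected credentials are dropped
        return status

def demo():
    b = Browser()
    return [
        b.get("/winners"),                               # no credentials yet
        b.get("/winners", ("alice", "s3cret")),          # user logs in
        b.get("/logout"),                                # server-side logout only
        b.get("/winners"),                               # still authenticated
        b.get("/logout", ("log-me-out", "fake-pwd")),    # bad credentials replace the cache
        b.get("/winners"),                               # client is now logged out
    ]

if __name__ == "__main__":
    print(demo())
```
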