Closed dneykov closed 7 years ago
You have to know that the package only setting up things for you. It is possible that maybe there is the way to separete sessions but i dont know how yet.
I think the session()->flush() clears the complete session?
/**
* Log the user out of the application.
*
* @param Request $request
* @return \Illuminate\Http\Response
*/
public function logout(Request $request)
{
$this->guard()->logout();
$request->session()->flush();
$request->session()->regenerate();
return redirect('/');
}
probably
If I comment it, it just logs out the current guard.
Is this a viable solution for the problem? There's still one session, but when you logout it checks how many guards are active. If none are active it flushes and regenerates the session.
/**
* Log the user out of the application.
*
* @param Request $request
* @return \Illuminate\Http\Response
*/
public function logout(Request $request)
{
$activeGuards = 0;
$this->guard()->logout();
foreach (config('auth.guards') as $guard => $guardConfig) {
if ($guardConfig['driver'] === 'session') {
$guardName = Auth::guard($guard)->getName();
if ($request->session()->has($guardName) && $request->session()->get($guardName) === Auth::guard($guard)->user()->getAuthIdentifier()) {
$activeGuards++;
}
}
}
if ($activeGuards === 0) {
$request->session()->flush();
$request->session()->regenerate();
}
return redirect('/');
}
@rsdrsd your solution seems to work.
@rsdrsd well its not bad. I think i will apply it to the package next version, thanks.
Maybe it needs some refactoring?
@rsdrsd Maybe a little bit. You can think about it. I will make a trait with this new logout method soon.
Hey, the solution from @rsdrsd is working but i just added
return $this->authenticated($request, $this->guard()->user()) ?: redirect()->intended($this->redirectPath());
Instead of
return redirect('/');
Because in my case the logout from admin doesn't go back to the same page as the logout from user.
@hugo411 @rsdrsd @dneykov
I've created a pull request (#39) with multiple features, such as "domain" and Lucid architecture support. And one you may be interested on, the Logout method in a trait. So we can check in the session for activeGuards.
Also I've done it so the user can override the path to where you're redirected once logged out.
I don't understood the need for flush() and regenerate() the session. I've implemented my logout function as below and its working as expected:
// web logout
$this->guard()->logout();
return redirect()->route('web.login');
// admin logout
$this->guard()->logout();
return redirect()->route('admin.login');
Both used to be like the code below, causing issues with multi-auth logout:
// web logout
auth()->logout();
session()->invalidate();
return redirect()->route('web.login');
// admin logout
auth()->logout();
session()->invalidate();
return redirect()->route('admin.login');
Hello, I think this package is great but I have one problem. I create admin guard and everything work. After that I run make:auth to use default LoginController for my users but when I login as users and logout after that it logout the admin user as well? Is that normal behave? Can I separate their sessions so when logout user the admin stays logged in? Thanks