如何使用laravel Passport从API中注销用户
我目前正在使用2个项目. 1个前端(通过laravel后端与API进行通信)和另一个laravel项目(API).
I'm currently using 2 projects. 1 front end (with laravel backend to communicate with API) and another laravel project (the API).
现在,我使用Laravel Passport对用户进行身份验证,并确保每个API调用都是授权调用.
Now I use Laravel Passport to authenticate users and to make sure every API call is an authorized call.
现在,当我想注销用户时,我向我的API发送一个发布请求(带有Bearer令牌),然后尝试从API中注销他(并清除会话,Cookie ...)
Now when I want to log out my user, I send a post request to my API (with Bearer token) and try to log him out of the API (and clear session, cookies,...)
然后在客户端上,我也刷新了会话,因此不再知道该令牌.现在,当我返回登录页面时,它将自动登录我的用户. (或者我的用户仍在登录).
Then on the client I also refresh my session so the token is no longer known. Now when I go back to the login page, it automatically logs in my user. (Or my user is just still logged in).
有人可以解释我如何正确注销使用Laravel护照的用户吗?
Can someone explain me how to properly log out a user with Laravel passport?
谢谢.
您需要从数据库表oauth_access_tokens中删除令牌
您可以通过创建诸如OauthAccessToken
You need to delete the token from the database table oauth_access_tokens
you can do that by creating a new model like OauthAccessToken
-
运行命令
php artisan make:model OauthAccessToken创建模型.
然后在User模型和新创建的OauthAccessToken模型之间创建一个关系,在User.php add中:
Then create a relation between the User model and the new created OauthAccessToken Model , in User.php add :
public function AauthAcessToken(){
return $this->hasMany('\App\OauthAccessToken');
}
在UserController.php中,创建一个用于注销的新函数:
in UserController.php , create a new function for logout:
public function logoutApi()
{
if (Auth::check()) {
Auth::user()->AauthAcessToken()->delete();
}
}
在api.php路由器中,创建新路由:
In api.php router , create new route :
Route::post('logout','UserController@logoutApi');
/api/logout
/api/logout