Level 75
right after Session::flush(); put a redirect to the login page or whatever page you want that doesn't require being logged in. Now if you login again, all should work.
2 likes
Feb 6, 2017
5
Level 15
Can't get Authentication to Work For me.
Using Laravel 5.1 And 'Out of the Box' authentication
I have discovered that my application is not logging out a user when I click "logout" ie I can go back into a protected page. I have doubled checked that my controllers are using
$this->middleware('auth');
So, looking into:
public function getLogout(){
return view('auth/login');
}
I notice that it has no way of flushing the session. So I add,
Auth::logout();
Session::flush();
It will then work correctly until I change the login name, then if I do I get the error:
TokenMismatchException in VerifyCsrfToken.php line 53:
I have checked that my login page does contain the value:
{!! csrf_field() !!}
And I can see it in the view source
I have googled and checked the docs many times. But can not figure out what is going here.
Any advice would be SUPER welcome.
Many Thanks !!
Level 4
If you check default app.blade after you run php artisan make:auth, then on the logout link you will see it containing a form with another csrf_field. Here the original code, i'm extremely sure you will get it.
<ul class="dropdown-menu" role="menu">
<li>
<a href="{{ url('/logout') }} onclick="event.preventDefault(); document.getElementById('logout-form').submit();">Logout</a>
<form id="logout-form" action="{{ url('/logout') }}" method="POST" style="display: none;">
{{ csrf_field() }}
</form>
</li>
</ul>
And of course logout route should accept post method.
Level 75
@hendranucleo you did see he's asking about 5.1, not 5.4
1 like
Level 15
@jlrdw THANK YOU !!!! It worked ! You are a Rock Star !
Level 15
yes I will upgrade to 5.4 at some point soon. Time is against me right now. :o)
Please or to participate in this conversation.