Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.

anas_repo's avatar

auth:sanctum middleware on logout not set user_id field null session

When I log out with auth:sanctum middleware , the user_id field on sessions tabel is not set to null, unlike when I don't use it.

Route::post('/logout', function (Request $request) {
    Auth::guard('web')->logout();
    $request->session()->invalidate();
    $request->session()->regenerateToken();
    return ['done' => 'ok'];
})->middleware('auth:sanctum');

The problem is that I have routers that use this middleware and sometimes I need to log out for some reason. When using auth:sanctum, the user_id is not set to null.

i don't use tokens , i use sessions and cookies with sanctum, and sessions driver is database

0 likes
1 reply
anas_repo's avatar

The solution that worked for me, but I don't know if it is right or wrong, is instead of using auth:sanctum, use auth only as middleware.

Route::post('/logout', function (Request $request) {
    Auth::guard('web')->logout();
    $request->session()->invalidate();
    $request->session()->regenerateToken();
    return ['done' => 'ok'];
})->middleware('auth');

Please or to participate in this conversation.