Laravel 5.6:强制注销记住我的登录信息
[英]Laravel 5.6: Force logout remember me login
问题描述
I have a custom login controller in my app, which prevents multiple sessions per user. 
我的应用程序中有一个自定义的登录控制器,可防止每个用户进行多个会话。 It logs out the user if they log in from another device/browser: 如果用户从其他设备/浏览器登录,它将注销用户:
public function authenticated(Request $request, $user) {
$previous_session = $user->session_id;
if ($previous_session) {
session()->getHandler()->destroy($previous_session);
}
auth()->user()->session_id = session()->getId();
auth()->user()->save();
return redirect(session()->pull('from', $this->redirectTo));
}
Regardless of the session driver, this code looks for a session_id on users table and destroys the session associated with it. 无论会话驱动程序如何,此代码都会在users表上查找session_id并销毁与之关联的会话。
But this doesn't work if the user logged in with remember me checkbox enabled. 但是,如果用户使用“记住我”复选框登录,则此方法无效。 User stays logged in with previous device/browser. 用户保持使用先前设备/浏览器的登录状态。 How can I tell laravel to forget this remember me after the second login? 在第二次登录后,如何告诉laravel忘记这一点? Thanks. 谢谢。
1 个解决方案
解决方案1
1 已采纳 2019-01-17 06:09:44
You have to invalidate or cycle the remember_token in the users database table. 你必须无效或循环remember_token在users数据库表。
This happens automatically when you call Auth::logout() . 当您调用Auth::logout()时,这会自动发生。
The remember_token can also be invalidated manually similiar to how Laravel handles it: 该remember_token也可以手动无效类同Laravel如何处理它:
protected function cycleRememberToken(AuthenticatableContract $user)
{
$user->setRememberToken($token = Str::random(60));
$this->provider->updateRememberToken($user, $token);
}
Source: laravel/framework/src/Illuminate/Auth/SessionGuard.php 资料来源:laravel / framework / src / Illuminate / Auth / SessionGuard.php
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.