How to logout in the api? using Passport in laravel

Question

现在，当我想注销我的用户时，我向我的 API 发送一个 post 请求（使用 Bearer 令牌）

Answer 1

Route::group(['middleware' => ['auth:api']], function () {
Route::post('/logout', 'UserApiController@logout');
});

UserApiController.php

public function logout(){   
    if (Auth::check()) {
        Auth::user()->token()->revoke();
        return response()->json(['success' =>'logout_success'],200); 
    }else{
        return response()->json(['error' =>'api.something_went_wrong'], 500);
    }
}

Answer 2

The answers here are all great. If revoke() does not work ie

Auth::user()->token()->revoke();

does not work, use,

  public function logout(Request $request)
  {
    $response =  self::HTTP_CREATED;
    $user= $request->user();
    unset($user->api_token);
    $user->save();

    return response()->json([

      'response' => 'true', 
      'result' => '',
      'message' => 'User logged out'

  ], $response);

  }

The goal is to remove the token from the table which the above code does manually.

Answer 3

Also tested with laravel 7.24, if you do not use middleware in api-routes.:

api.php

Route::post('/logout', 'LoginController@logout');

Use the api-guard (= passport) and then the standard laravel passport "revokeAccessToken" method.

public function logout ()
    {
        $tokenRepository = app('Laravel\Passport\TokenRepository');

        $user = auth('api')->user();

        if ($user) {
            $tokenRepository->revokeAccessToken($user->token()->id);
            return 'logged out';
        } else {
            return 'already logged out';
        }
    }