Laravel 5 Auth logout not working

Question

When I use the built-in Authentication and try to log the user out at /auth/logout - it does not work as hoped. It appears to keep the user logged in. But when I clear my browser cache, I can see that is has actually logged the user out.

I don't get any errors on the page nor errors in the log file.

I am guessing that Session::flush() at the logout method would possibly solve this - but I don't know where to put it.. Can someone point me in the right direction?

I was having the same issue, my mistake was put the middleware "guest" to the logout route. :/ Maybe you are having the same problem. — Vagner do Carmo, Aug 10 '16 at 20:52

score 60 · Accepted Answer · edited May 23 '17 at 11:55

60

For anyone that has problems solving it with the accepted solution: I started with Laravel 5.1 and updated to 5.2. The following fix worked for me:

Try changing your 'logout' route to

Route::get('auth/logout', 'Auth\AuthController@logout');

or in AuthController constructor add

public function __construct()
{
    $this->middleware('guest', ['except' => ['logout', 'getLogout']]);
}

Taken from: https://stackoverflow.com/a/34667356/1275778 (also check the other answers there if you're still having problems afterwards)

edited May 23 '17 at 11:55

Community

1
1

answered Mar 05 '16 at 13:33

Karl Lorey

1,536
17
21

5

Thanks, your second option worked immediately after many other failed solutions! – Tor Mar 12 '16 at 19:59
1

This one worked for me, I'm using 5.2, thank you so much lorey. – marcovega Mar 28 '16 at 18:03
6

This should be the accepted answer. Changing the default `$this->middleware('guest', ['except' => ['getLogout']]);` to `$this->middleware('guest', ['except' => ['logout', 'getLogout']]);` did the trick. – Robin van Baalen Apr 27 '16 at 16:14
I just changed the route `...@getLogout` to `...@logout` and everything works now. thanks – P_95 Aug 01 '16 at 08:58
Worth mentioning: Watch out that your logout route is not part of a route group which implements `guest` middleware already. In that case it will ignore the above exception. – fpersyn Dec 04 '18 at 10:16
If anyone comes here in the future still not finding joy in the answers: should you be using Auth::logout() or auth()->logout() -- try running session()->flush AND session()->save after. Much Googling brought me to find that, and it works a charm! – Max May 05 '20 at 19:28

score 13 · Answer 2 · answered Feb 27 '15 at 05:01

13

Try this..

Put In following code "class AuthController extends Controller"

public function getLogout()
    {
        $this->auth->logout();
        Session::flush();
        return redirect('/');
    }

answered Feb 27 '15 at 05:01

Deenadhayalan Manoharan

5,436
14
30
50

2

I needed to change Session::flush(); to \Session::flush(); but otherwise worked for my situation. – Mhluzi Bhaka Jul 23 '15 at 23:06
@UmairHamid Put that code (use ``Auth::Logout()`` instead of ``$this->auth->logout();``) into a new function (say, ``public function logout()``) in the AuthController and point your route for auth/logout there. – William Jan 28 '16 at 07:33
1

Tried with same but no result at al – Umair Hamid Jan 28 '16 at 07:56
Also no luck here; but @lorey's suggestion worked for me. – TextGeek Aug 15 '16 at 13:12

score 8 · Answer 3 · edited Apr 08 '16 at 21:06

I had the same problem. The problem was actually a simple little error in the configuration of the route and controller.

You see the route actually specifies a method of getLogout and the controller exception is looking for logout.

The only thing you need to do is change the exception in the controller. No need for any additional methods. The getLogout method already exists and works perfectly.

Here is the actual code

app/Http/routes.php

Route::get('auth/logout', 'Auth\AuthController@getLogout');

app/Http/Controllers/Auth/AuthController.php

public function __construct()
{
    $this->middleware($this->guestMiddleware(), ['except' => 'logout']);
}

The _construct method should look like that:

public function __construct()
{
    $this->middleware($this->guestMiddleware(), ['except' => 'getLogout']);
}

This works. It seems weird you have to do this considering that `getLogout` is the method called in `Illuminate/Foundation/Auth/AuthenticatesAndRegistersUsers` so they should have `getLogout` be default in the `AuthController.php`. — zen, Jun 27 '16 at 17:59

score 4 · Answer 4 · answered Jun 05 '16 at 17:23

this ocurrs because the middleware is called for every route. you can add a exception to " logout route" in App\Http\Middleware\RedirectIfAuthenticated.php

class RedirectIfAuthenticated
{
/**
 * Handle an incoming request.
 *
 * @param  \Illuminate\Http\Request  $request
 * @param  \Closure  $next
 * @param  string|null  $guard
 * @return mixed
 */
    public function handle($request, Closure $next, $guard = null)
    {
        if (!$request->is('/logout') && Auth::guard($guard)->check()) {
            return redirect('/home');
        }

        return $next($request);
    }
}

Kabir Hossain · Answer 5 · 2020-07-04T04:18:39.070

3

For logout in laravel 5.6 and later version :

use in your view page:

    <a href="{{ url('logout') }}">Logout</a>

use this in your web.php

Route::get('logout', 'Auth\LoginController@logout');

edited Jul 04 '20 at 04:18

answered Aug 14 '18 at 08:32

Kabir Hossain

2,865
1
28
34

why is it you have to override the default get route? – whisk May 08 '19 at 01:52
By default Laravel uses post method for logout, We convert this to get. Using this override. Have your any confusion ? – Kabir Hossain May 28 '19 at 08:20
It makes sense on what you are saying, just wondering why it comes as a post out of the box. – whisk May 29 '19 at 02:36
Thanks! Was looking for this for ages - why do we have to request the default post request with a get request though - this confuses me, why can we not just post with blade directly to the default Auth::logout. – Jeremy Jul 02 '20 at 18:45
You can use default login, but that is not get method, that is post request; – Kabir Hossain Jul 04 '20 at 04:17

score 2 · Answer 6 · answered Mar 04 '16 at 12:00

2

I had the same problem with updated laravel 5.2. I have used laravel's auth controller and I solved this problem using like,

/logout instead of /auth/logout same for /register and /login in instead of using /auth/register and /auth/login.

answered Mar 04 '16 at 12:00

AmarjaPatil4

1,640
3
28
41

score 2 · Answer 7 · answered Apr 26 '16 at 14:43

2

Laravel 5.2 the url is a little different ...

Use this

php artisan make:auth

This will generate the routes for auth and some templates for login e register...

Be careful to use this with existing projects, it can make changes to your code

answered Apr 26 '16 at 14:43

Valdir Lourenco

31
1

score 1 · Answer 8 · edited May 23 '17 at 12:26

Not enough on browsers that recover your tabs after crash (Chrome doesn't delete session cookies) . Also, after redirect a new session is created. Solution: in AuthController, as mentioned above, in getLogout, set a variable and pass it to redirect:

$data['logout'] = true;
return redirect('/')->with('data',$data);

In your home view do this:

@if(session()->has('data') && session('data')['logout'])
{{session_unset()}}    
{{setcookie('laravel_session', "", -1, "/")}}
@endif

I believe Laravel redirect reinitialises Session. So after redirect, in view, reset delete cookie. Anybody can comment on this? Is this the right reason this works?

score 0 · Answer 9 · answered Feb 26 '15 at 16:28

0

To log out a user with Laravel using the built in authentication tools, it is as simple as using Auth::logout();.

Please also check the various session settings in config/session.php if the sessions behaves unpredictably.

answered Feb 26 '15 at 16:28

Marcus Olsson

2,485
19
35

Hekmat · Answer 10 · 2016-04-09T07:39:50.667

Solution is very very simple

in Http->Middleware->Authenticate.php change "login" in else statement to "/"

return redirect()->guest('/');

and define following route in routes.php

Route::get('/', function () {
    return view('login');
});

for logout call following function: public function getlogout(){ \Auth::logout(); return redirect('/home'); } this is important redirect to "/home" instead of "/" that first calls $this->middleware('auth'); and then in middleware redirect to "/"

score 0 · Answer 11 · answered Oct 25 '16 at 14:01

I had the same problem after upgrading to Laravel 5.3. To fix it, I noticed that the traits used in

App\Http\Controllers\Auth\AuthController

are outdated, so I changed the line

use AuthenticatesAndRegistersUsers, ThrottlesLogins;

into

use AuthenticatesUsers;

and also the line in the constructor

$this->middleware($this->guestMiddleware(), ['except' => 'logout']);

into

$this->middleware('guest', ['except' => ['logout', 'getLogout']]);

Then the method App\Http\Controllers\Auth\AuthController@logout started to work properly.

score 0 · Answer 12 · answered Aug 15 '17 at 16:30

0

In 5.4 this worked for me...

<a href="#" onclick="event.preventDefault(); document.getElementById('logout-form').submit();">Logout</a>

<form id="logout-form" action="/logout" method="POST" style="display: none;">{{ csrf_field() }}</form>

answered Aug 15 '17 at 16:30

user857276

1,407
1
14
19

score 0 · Answer 13 · edited Sep 06 '20 at 03:59

0

in case no any solutions is working try this for multiple custom guards if you use auth()->logout then it wont work just use auth('your-guard-name')->logout(); then it will work fine.

edited Sep 06 '20 at 03:59

Dharman

30,962
25
85
135

answered Sep 06 '20 at 03:53

Jasbin Karki

574
7
15

score -1 · Answer 14 · answered May 29 '17 at 19:48

-1

It is a quite old thread but finally I found a simple trick to log the user out from the server:

return Auth::logout();

answered May 29 '17 at 19:48

szatti1489

352
2
5
16

Laravel 5 Auth logout not working

14 Answers14

app/Http/routes.php

app/Http/Controllers/Auth/AuthController.php

Linked