Lumen Laravel

Lumen Passport Logout

If you are using LumenPassport (that is based on Laravel Passport) for user authentication, you must know that Laravel Passport/Lumen Passport support’s both single and multiple token(s).

It doesn’t come with logout route as you can see routes list from LaravelPassport.

Solution:
Create /api/auth/logout route, since Lumen is session less you need to pass Authentication headers by providing Bearer access token.

Through that access token, we will parse token to get token Id in order to revoke it in oauth_access_tokens table.

    public function logout(Request $request) {
        $token = $request->bearerToken();
        if ($token) {
            $id = (new Parser())->parse($token)->getHeader('jti');
            DB::table('oauth_access_tokens')->where('id', '=', $id)->update(['revoked' => 1]);
        }

        return [
            'status' => 'success',
            'message' => 'Logout successfully.'
        ];
    }

That’s it, this will do the magic…

About the author

Danyal Ali Butt

I'm working as programmer since 2002. Born, grew up, studied and worked in Pakistan now Im located in Denmark since 2006.

View all posts