If you are using LumenPassport (which is based on Laravel Passport) for user authentication, you should know that Laravel Passport and Lumen Passport support both single and multiple tokens.
Neither comes with a logout route, as you can see from the Laravel Passport route list.
Solution:
Create an /api/auth/logout route. Since Lumen is sessionless, the client must send an Authorization header containing its Bearer access token.
We parse that access token to get the token ID, then revoke it in the oauth_access_tokens table.
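    // Imports needed at the top of the controller file:
    use Illuminate\Http\Request;
    use Illuminate\Support\Facades\DB;
    use Lcobucci\JWT\Parser;

    public function logout(Request $request) {
        // Read the access token from the "Authorization: Bearer <token>" header.
        $token = $request->bearerToken();
        if ($token) {
            // parse() only decodes the JWT and does not verify its signature,
            // so keep this route behind the auth middleware.
            $id = (new Parser())->parse($token)->getHeader('jti');
            // The jti is the row id in oauth_access_tokens; mark that token revoked.
            DB::table('oauth_access_tokens')->where('id', '=', $id)->update(['revoked' => 1]);
        }
        return [
            'status' => 'success',
            'message' => 'Logout successfully.'
        ];
    }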
That’s it, this will do the magic…
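A variant of the logout handler above, as an added example that is not part of the original post: it takes the token from the authenticated request instead of decoding the raw header, so the token's signature has been verified before its ID is used, and it also revokes the matching refresh tokens. It assumes the Lumen auth route middleware and facades are enabled, the api guard uses the passport driver, and the User model uses Laravel\Passport\HasApiTokens; AuthController is a hypothetical name.

```php
<?php
// Added example, not the original author's code.
// Assumptions: 'auth' route middleware and facades are enabled in
// bootstrap/app.php, the 'api' guard uses the passport driver, and the
// User model uses Laravel\Passport\HasApiTokens.

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;

// Route registration (routes/web.php), shown as a comment:
// $router->post('/api/auth/logout', [
//     'middleware' => 'auth:api',
//     'uses'       => 'AuthController@logout',
// ]);

class AuthController extends Controller // hypothetical controller name
{
    public function logout(Request $request)
    {
        // The guard attaches this token to the user only after it has
        // validated the bearer token, so its id can be trusted here.
        $token = $request->user()->token();

        DB::transaction(function () use ($token) {
            // Revoke the access token that authenticated this request.
            $token->revoke();

            // Revoke refresh tokens issued with it, so the client cannot
            // exchange one for a fresh access token after logging out.
            DB::table('oauth_refresh_tokens')
                ->where('access_token_id', $token->id)
                ->update(['revoked' => true]);
        });

        return response()->json([
            'status'  => 'success',
            'message' => 'Logout successfully.',
        ]);
    }
}
```

Requests without a valid, unrevoked token are rejected by the middleware before the controller runs, so the handler does not need its own missing-token branch.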