1

my project allow multiple device login to same account. i able to generate access token and refresh token by calling to oauth/token endpoints. now the problem is i want to set one token for one device id.

i created an endpoint domain.com/user/login

now , when i call login with device A , it will generate access token and refresh token with new record and due to some problem , device A force redirect user to login again , on this time i will generate new access token and refresh token with new record.

now i have 2 valid access token within device A. So what can i do to revoke first access token of device A instead of revoke all of the user's account access token.

JinQu Gan
  • 11
  • 3

1 Answers1

0

You can find more information in the documentation on how to revoke an access token (https://laravel.com/docs/8.x/passport#revoking-tokens)

From the documentation (Laravel 8):

$tokenRepository = app('Laravel\Passport\TokenRepository');
$refreshTokenRepository = app('Laravel\Passport\RefreshTokenRepository');

// Revoke an access token...
$tokenRepository->revokeAccessToken($tokenId);

// Revoke all of the token's refresh tokens...
$refreshTokenRepository->revokeRefreshTokensByAccessTokenId($tokenId);
Clément Bisaillon
  • 5,037
  • 8
  • 32
  • 53