0

I am using Laravel Sanctum for both API and SPA authentication.

When an SPA user logs out, I need to logout him from all other devices too without asking for password. This is a requirement (and hence I cannot go other-way).

I am deleting all tokens of the target user during logout. And clearing user session does not delete/expire sessions from other devices. I need to delete all sessions of that particular user (from all devices).

I cannot find a way to obtain this.

Chitholian
  • 432
  • 1
  • 10
  • 19
  • `Auth::user()->tokens()->where('id', $id)->delete();` $id is your user id https://stackoverflow.com/a/62497133/4575350 – STA Nov 30 '22 at 06:20
  • @sta It does not logout from other devices using Laravel Session. – Chitholian Nov 30 '22 at 07:40
  • 1
    If you are using session based authentication, then deleting all tokens will not delete the session. Currently there are no way to delete a user session without logout – STA Nov 30 '22 at 08:37

0 Answers0