Laravel Auth ::注销不删除记住我的cookie [英] Laravel Auth::logout not removing remember me cookie

问题描述

因此，我的会话的生命周期设置为两周，因此用户不必多次登录或注销。但是今天我注意到了一些东西，如果你注销它会破坏你的会话，但保持记住我cookie在你的浏览器。这会导致问题，因为如果您在同一台计算机上切换帐户8-10次，您会收到400错误的请求错误，因为您发送的信息太多。现在8-10次在一个正常的生活中的一个cookie是有点牵强，但是当你的生命是两个星期，我遇到了问题。

So I have the lifetime of my sessions set to two weeks so users do not have to log in or out multiple times. However today I noticed something, if you log out it destroys your session but keeps the remember me cookie on your browser. This causes issues because if you switch accounts enough on the same computer 8-10 times you get a 400 bad request error because you are sending too much information. now 8-10 times in a normal lifetime of a cookie is kind of far fetched but when your lifetime is two weeks I have run into issues.

这是当登录和退出几次时发生的情况的屏幕截图。 如何在用户注销时删除生命周期Cookie？到目前为止我已经尝试了

This is a screenshot of what is happening when logging in and out a few times back to back. How can I delete the lifetime cookie when a user logs out? So far I have tried

    Auth::logout();
    Session::flush();

推荐答案

似乎cookie不会自动取消设置。但是，您可以在退出后返回重定向响应之前，在您的控制器中执行此操作。

It seems the cookie does not get unset automatically. However you can do this in your controller just before you return the redirect response after logout.

public function getLogout() {
    // your code here
    .....
    // Get remember_me cookie name
    $rememberMeCookie = Auth::getRecallerName();
    // Tell Laravel to forget this cookie
    $cookie = Cookie::forget($rememberMeCookie);

    return Redirect::to('/')->withCookie($cookie);
}

请记住使用重新导向重新运行Cookie，否则将无法工作。

Just remember to retrun the cookie with the redirect, otherwise it won't work.

这篇关于Laravel Auth ::注销不删除记住我的cookie的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！