Hesto/multi-auth

Only standard web guard logout all other custom guards

Opened this issue · 1 comments

Zugmaschine commented

Hello, i dont understand, why only the standard web guard logout all other guards.
When i logout by one of my 2 other custom guards, only that single guard logs out?
Why is this behavior? They use all the same logout methode ...

AdmiinX commented

They don't use the same logout method
the standard auth LoginController use the logout method in Illuminate\Foundation\Auth\AuthenticatesUsers

public function logout(Request $request)
{
    $this->guard()->logout();

    $request->session()->invalidate();

    return $this->loggedOut($request) ?: redirect('/');
}

which invalidate the session (causing all other guards to logout)

while multi-auth LoginController override the logout method using Hesto\MultiAuth\Traits\LogsoutGuard

public function logout(Request $request)
{
    $activeGuards = 0;
    $this->guard()->logout();

    foreach (config('auth.guards') as $guard => $guardConfig) {
        if ($guardConfig['driver'] === 'session') {
            if ($this->isActiveGuard($request, $guard)) {
                $activeGuards++;
            }
        }
    }

    if ( ! $activeGuards) {
        $request->session()->flush();
        $request->session()->regenerate();
    }

    return redirect()->to($this->logoutToPath());
}

which invalidate the session only when there is no other active guards