Laravel allows authenticating users with a remember_token stored in cookie.
In my user table I have an active column which is a boolean (1, 0).
If for example a user is fired, you need to disable his ability to login; so you change the active value to 0.
But what you are going to do with his cookies?
NOTICE! I've written this in a very primitive way! The question is how properly handle such situations.
分享 As you have no way to remove remember cookie, you need to implement a check in your application that would make sure that all users that log in have active status.
One way you could do this is to implement a listener for auth.login event and check the status there.
class CheckUserStatusHandler {
public function handle($user) {
if (!$user->active) Auth::logout($user);
}
}
Logout method will logout user and remove remember token.
Then register the listener in your EventServiceProvider:
protected $listen = [
'auth.login' => [
CheckUserStatusHandler::class
]
];
