在 laravel 5.6 中重置密码时从所有浏览器注销用户

Question

当用户更改他们的密码时，他们会从浏览器中注销。但是，如果他们同时登录到另一个浏览器，则他们会在另一个浏览器上保持登录状态。

我想在用户重置密码时从他们登录的所有浏览器中注销用户。

这里登录控制器。

function checklogin(Request $request)
{

    $this->validate($request, ['email' => 'required|email', 'password' => 'required|string|min:3']);

    $user_data = array(
        'email' => $request->get('email') ,
        'password' => $request->get('password')
    );

    $remember_me = $request->has('remember') ? true : false;

    if (Auth::attempt($user_data, $remember_me))
    {
        return redirect()->intended('dashboard');
    }
    else
    {
        return back()->with('error', 'Wrong Login Details');
    }
}

发送邮件功能如下

function sendEmail(Request $request)
{

    $this->validate($request, ['email' => 'required|exists:users']);

    $email = $request->email;

    $name = User::where('email', $email)->first();
    $name = $name->name;

    $token = Password::getRepository()->createNewToken();
    $link = url("password/reset?email=$email&token=$token");

    $value = Password_resets::where('email', $email)->first();

    if (isset($value))
    {
        Password_resets::where('email', $email)->update(['email' => $email, 'token' => $token]);
    }
    else
    {
        Password_resets::insert(['email' => $email, 'token' => $token]);
    }

    Mail::to($email)->send(new \App\Mail\ResetPassword($link, $name));

    return redirect()->back()->with('success', 'Please check your Email for Password Reset');
}

密码重置功能如下

function resetpasswordchange(Request $request)
{

    $passwordtoken = $request->input('passwordtoken');
    $email = $request->input('email');
    $user_password = $request->input('user_password');

    $users['user'] = Password_resets::where('token', $passwordtoken)->where('email', $email)->get();
    if (empty($users['user'][0]))
    {
        $settoken = '0';

    }
    else
    {
        $settoken = $users['user'][0]->token;

    }

    if (($settoken) == $passwordtoken)
    {

        $update = array(
            'password' => bcrypt($user_password) ,
        );

        User::where('email', $email)->update($update);
       /* Auth::logout();
        auth()->logoutOtherDevices(bcrypt($user_password),'password');*/

        return redirect()->route('login')->with('success', 'Password has been Updated.');

    }
    else
    {
        return redirect()->back()->with('error', 'Token & Email Not Match!.');
    }
}

我如何从他们已经登录的所有浏览器中注销用户？

Answer 1

打开App\Http\Kernel并在protected $middlewareGroups属性内取消注释\Illuminate\Session\Middleware\AuthenticateSession::class中间件。这将比较用户的密码哈希以查看会话是否有效。