logout

I am new to Laravel 5 and trying to make a simple authentication page. My problem is i can logout properly after i click to logout link but if i click to back button of the browser, still able to see the content of the page which actually should not be seen with respect to my auth middleware process. I read i can prevent this by disabling caching but don't think it is the best way to do this so how can i make this in a better way ? Simply my logout route is Route::get('logout', array('uses' => 'LoginController@logout')); Logout function is: public function logout() { Auth::logout(); // logout

I want users to be able to log in via HTTP Basic authentication modes. The problem is that I also want them to be able to log out again - weirdly browsers just don't seem to support that. This is considered to be a social-hacking risk - user leaves their machine unlocked and their browser open and someone else can easily visit the site as them. Note that just closing the browser-tab is not enough to reset the token, so it could be an easy thing for users to miss. So I've come up with a workaround, but it's a total cludge: 1) Redirect them to a Logoff page 2) On that page fire a script to ajax

I have seen a lot of questions here regarding the Facebook Graph API but I still haven't find a solution for simple 'login'/'logout' operations using it. Looks like the Single Sign-On style is causing more confusion than benefits. I'd like to know if it is possible have the following situation: Enter in the app (no accessToken / expirationDate created). Perform a login using SSO by calling authorize:delegate: method (application goes background and the login is made in the 'global' scope (Facebook App/Mobile Safari), asking for the user credentials. Enter back in the app (now logged in, both

Hey, I'm trying to get my php website to basically "log out" (session_destroy()) when the same user logs in somewhere else. Is there a way to do this? To remotely destroy a specific session? Thank guys! Scott It's certainly possible, using session_id . When the user logs in somewhere else, you can do this step before starting a new session for the new login: // The hard part: find out what $old_session_id is session_id($old_session_id); session_start(); session_destroy(); // Now proceed to create a new session for the new login This will destroy the old session on the server side, so when the

I'm using OAuth in my web app, and users can login with twitter. I want to add "switch twitter account" button, which actually clears the session and then opens the authorize_url. As clearing the session in my web app doesn't log out of twitter, the authorize_url will automatically authenticate the current twitter.com user. That means I can't do logout, unless I send the user to twitter.com. Is it possible with the API? What is the best way to implement this? The session with Twitter is defined by a cookie owned by Twitter -- something you do not have control over. You cannot log them out of