how to completely logout in laravel 5.5 controller?

Question

After I logout of my laravel application, in the browser I press the button to backward (go back) and then I see the dashboard.

I want to eliminate this "session" that laravel mantein if I go back.

can anyone help me?

EDIT: I have two login files, one is inside the Controllers/Auth and another is inside the Controller/. I'm sure this is not a good practice, but it's keeping my system up and running. how to solve this?

Controllers/Auth/LoginController.php

<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;

use App\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Session;


class LoginController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Login Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles authenticating users for the application and
    | redirecting them to your home screen. The controller uses a trait
    | to conveniently provide its functionality to your applications.
    |
    */

    use AuthenticatesUsers;

    /**
     * Where to redirect users after login.
     *
     * @var string
     */
    protected $redirectTo = '/';

    /**
     * Create a new controller instance.
     *
     * @return void
     */

    private $user;

}

my Login Controllers/LoginController.php ->

<?php

namespace App\Http\Controllers;

use App\User;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Session;


class LoginController extends Controller
{
    private $user;


    public function logout(){
        Auth::logout();
        \Session::flash('success',"logout");
        return redirect()->route('login');
    }

}

my DashboardController ->

use App\Authorization;
use App\BackLog;
use App\Key;
use App\isKeyInUse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Illuminate\Support\Facades\Redirect;

class DashboardController extends Controller
{

    public function index() {

        return view('dashboard');
    }


}

my web.php ->

<?php

Route::get('/', 'LoginController@login')->name('login');
Route::get('auth/logout', 'Auth\LoginController@logout')->name('logout');

Route::get('/dashboard', 'DashboardController@index')->name('dashboard')->middleware('auth');
Route::post('/dashboard/getKey', 'DashboardController@getKey')->name('dashboard.key')->middleware('auth');

Answer 1

In Laravel 7.x, you can logout from the controller by using the following command:

Auth::logout()

Answer 2

This is happening because caching. to prevent that we can create a middleware that intercepts every request and set the cache to expire in0 time and thus it will force the page to reload when the user press the back button here's the steps to create the middleware :

first

create a middleware i will call it MyAuth:

php artisan make:middleware MyAuth

second

register the middleware in app/Http/kernel.php

 protected $routeMiddleware = [
      ...,
      'my_auth' => \App\Http\Middleware\MyAuth::class,
   ];

third

in the newly created middleware app/Http/Middleware/MyAuth.php

public function handle($request, Closure $next, $guard = null)
    {
         $response =  $next($request);   
         return $response
                ->withHeaders([
                    'Cache-Control' => 'no-store, no-cache, must-revalidate',
                    'Pragma'=> 'no-cache',
                    'Expires' => '0'
                ]);
        }
  }

Then

you can add your middleware like so:

Route::group(['middleware' => 'my_auth'], function() {
  
  // All your routes you want to be secure

});

This code has been derived from this video

Answer 3

Pressing the Back button of your browser will load the previously loaded document. It is just visible but will not work for sure. For this you just have to override back press event from javascript.

See link How to Detect Browser Back Button event - Cross Browser

Answer 4

You are missing Request in logout function

    public function logout(Request $request){
        Auth::logout();
        \Session::flash('success',"logout");
        return redirect()->route('login');
    }

And write in your dashboard controller

public function __construct() 
{
    $this->middleware('auth');
}

Answer 5

Insert these lines to your Dashboard controller and then check:

public function __contruct() 
{
    $this->middleware('auth');
}

This will check user is logged in or not? If user is loggedout, then it send to specific login page as you defined in auth middleware.