
I can’t make the logout link work for my simple Laravel project. The user needs to log in first before going to the dashboard, so I created a route that gets the {id} of the logged-in user, and I think that's the reason the page just refreshes and does not log out and redirect to the login page. I'll provide the code and snippets below.

Web.php file

    Route::get('/dashboard/{id}',[CustomAuthController::class, 'dashboard'])->name('dashboard');
    Route::get('/logout', [CustomAuthController::class, 'logout']);

Blade.php file

    <div class="row" >
     <div class="col-12">
      <div class="card">
       <div class="card-body">
        <nav class="breadcrumb">
         <a class="breadcrumb-item active " href="dashboard/{id}" >Dashboard</a>
         <a class="breadcrumb-item" href="about-us">About us</a>
         <a class="breadcrumb-item" href="products">Products</a>
         <a class="breadcrumb-item" href="contact-us">Contact Us</a>
        </nav>
       </div>
      </div>
     </div>
    </div>
    <li>
     <a href="logout" class="btn waves-effect waves-light btn-danger"  style="float:right;">Logout</a>
    </li>

Here is the link whenever I click the logout button:

http://127.0.0.1:8000/dashboard/logout

Controller.php file for logout

    public function logout(){
        if(Session::has('loginId')){
            Session::pull('loginId');
            return redirect('login');
        }
    }

I tried googling other solutions but with no success. You might know some links I can read about or additional Laravel documentation. Thanks.

2 Answers


  1. Your logout link is wrong; change it from href="logout" to href="/logout". Since it's relative, it has been trying to reach /dashboard/logout, which is incorrect since the routing you’ve set is under /logout, so it has only been redirected back to the dashboard because of this.

  2. While using relative links to log out is easy, it falls more vulnerable to XSS. Switching over to a POST route for logout like:

    Route::post('/logout', [CustomAuthController::class, 'logout'])->name('logout');
    

    And changing your logout button to include a CSRF token:

            <li>
                <form method="POST" action="{{ route('logout') }}">
                    @csrf
    
                    <button type="submit" class="btn waves-effect waves-light btn-danger"
                            style="float:right;">
                        Logout
                    </button>
                </form>
            </li>
    

    This adds an extra layer of protection.

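A controller action to pair with the POST route and @csrf form from the second answer, as an added example that is not part of the original posts. It assumes the App\Http\Controllers namespace and the loginId session key from the question; with the route in routes/web.php, Laravel's CSRF middleware rejects the POST unless the form's token matches, so a plain link or image tag on another site cannot trigger the logout.

```php
<?php
// Added example: app/Http/Controllers/CustomAuthController.php, logout action only
// (the dashboard and login actions from the question are omitted here).
// Assumed: the namespace below, and that routes/web.php registers the action as
//   Route::post('/logout', [CustomAuthController::class, 'logout'])->name('logout');

namespace App\Http\Controllers;

use Illuminate\Http\RedirectResponse;
use Illuminate\Http\Request;

class CustomAuthController extends Controller
{
    public function logout(Request $request): RedirectResponse
    {
        // Remove the custom login marker the question stores in the session.
        $request->session()->forget('loginId');

        // Flush the remaining session data and issue a new session ID, so the
        // old session cookie no longer maps to any server-side state.
        $request->session()->invalidate();

        // Rotate the CSRF token so forms rendered before logout are rejected.
        $request->session()->regenerateToken();

        // Always return a response. The method in the question returns nothing
        // when 'loginId' is absent, which Laravel renders as an empty page.
        // redirect() builds the URL from the application root, so the result
        // is /login no matter which page the form was submitted from.
        return redirect('/login');
    }
}
```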