Everything works fine,except that if the user logs out and then uses the back button in the browser he/she is back into the program with full powers. This is BAD.
Try actually using that power for anything. Click any link that requires you to be logged in to access and the auth filter should kick in.
In your filter.php file .. Use this ...
App::after(function($request, $response)
{
$response->headers->set('Cache-Control','nocache, no-store, max-age=0, must-revalidate');
$response->headers->set('Pragma','no-cache');
$response->headers->set('Expires','Fri, 01 Jan 1990 00:00:00 GMT');
});
I would recommend to modift what @Amit5291 suggested. Doing exactly what he noted will invalidate cache every page request and is not something you wanna do.
Insted do it only for your logout route.
Change your ..routes.php to apply the invalidate-browser-cache filter
Route::get('logout','UserController@logout')->after('invalidate-browser-cache');
Add this to your ..filters.php
Route::filter('invalidate-browser-cache', function($request, $response)
{
$response->headers->set('Cache-Control','nocache, no-store, max-age=0, must-revalidate');
$response->headers->set('Pragma','no-cache');
$response->headers->set('Expires','Fri, 01 Jan 1990 00:00:00 GMT');
});
Not best way but its work for me. Don't directly redirect to login when user logout. Refresh or redirect current page(dashboard). When refresh current page its will automatically redirect to login because of filter and browser can't remember your *** dashboard *** page.
...
public function logout() {
Auth::logout();
return Redirect::to('dashboard');
} // logout() {ends}
...
Sorry for my english .
Sign in to participate in this thread!
Laravel
Laravel News
Laracasts
Laravel Podcast