I want to clear all sessions for all users in my Laravel application.
What I have tried
I understand that
Auth::logout() will log out a single user, but not all users. I have also tried deleting the session files from
storage/framework/sessions. Neither have worked.
I am using the built in Authentication (e.g.
Auth) and the file driver for sessions running Laravel 5.2.
How can I effectively force logout for all logged in users so they have to log in again?
It’s worth noting that Laravel actually only stores active sessions in the session folder; those that are ‘remembered’ but haven’t been actively accessing your application do not count among these sessions. As such, just deleting the files won’t finish the job.
You must also clear all Remember Tokens from the users table, as this token is used in conjunction with the local token stored in the cookie to re-create the session when a user reconnects.
in app/session.php you can change cookie value, so user will automatically logout because of cookie is not match with the config