feat: clear session cookie on logout

digital-entropy · Oct 10, 2024 · cd59e26 · cd59e26
1 parent 4dd2fe8
commit cd59e26
Show file tree

Hide file tree

Showing 4 changed files with 46 additions and 0 deletions.
diff --git a/src/Cookie/AbstractCookieLayer.php b/src/Cookie/AbstractCookieLayer.php
@@ -20,6 +20,11 @@ public function setCookie(string $key): void
         cookie()->queue(cookie($this->getName(), $this->generate($key), 60 * 24 * 365));
     }
 
+    public function clearCookie(): void
+    {
+        cookie()->queue(cookie()->forget($this->getName()));
+    }
+
     public function verify(string $key): bool
     {
         if ($this->getCookieValue() === '' || $this->getCookieValue() === '0') {

diff --git a/src/Listeners/ClearStoredSessionIP.php b/src/Listeners/ClearStoredSessionIP.php
@@ -0,0 +1,17 @@
+<?php
+
+namespace Dentro\Paranoia\Listeners;
+
+use Dentro\Paranoia\Cookie\CookieLayer;
+use Dentro\Paranoia\Paranoia;
+use Illuminate\Auth\Events\Logout;
+
+class ClearStoredSessionIP
+{
+    public function handle(Logout $event, Paranoia $driver): void
+    {
+        if ($driver->useCookieForIP()) {
+            $driver->cookieLayer(CookieLayer::IP)->clearCookie();
+        }
+    }
+}
diff --git a/src/Listeners/ClearStoredSessionUserAgent.php b/src/Listeners/ClearStoredSessionUserAgent.php
@@ -0,0 +1,17 @@
+<?php
+
+namespace Dentro\Paranoia\Listeners;
+
+use Dentro\Paranoia\Cookie\CookieLayer;
+use Dentro\Paranoia\Paranoia;
+use Illuminate\Auth\Events\Logout;
+
+class ClearStoredSessionUserAgent
+{
+    public function handle(Logout $event, Paranoia $driver): void
+    {
+        if ($driver->useCookieForUserAgent()) {
+            $driver->cookieLayer(CookieLayer::USER_AGENT)->clearCookie();
+        }
+    }
+}
diff --git a/src/Providers/EventServiceProvider.php b/src/Providers/EventServiceProvider.php
@@ -4,9 +4,12 @@
 
 namespace Dentro\Paranoia\Providers;
 
+use Dentro\Paranoia\Listeners\ClearStoredSessionIP;
+use Dentro\Paranoia\Listeners\ClearStoredSessionUserAgent;
 use Dentro\Paranoia\Listeners\StoreSessionIP;
 use Dentro\Paranoia\Listeners\StoreSessionUserAgent;
 use Illuminate\Auth\Events\Login;
+use Illuminate\Auth\Events\Logout;
 use Illuminate\Events\EventServiceProvider as ServiceProvider;
 
 class EventServiceProvider extends ServiceProvider
@@ -19,5 +22,9 @@ class EventServiceProvider extends ServiceProvider
             StoreSessionIP::class,
             StoreSessionUserAgent::class,
         ],
+        Logout::class => [
+            ClearStoredSessionIP::class,
+            ClearStoredSessionUserAgent::class,
+        ],
     ];
 }