/** * Logout a user: remove the specified active token from the database * @param user User */ public function logout($user) { if (!Input::has('token')) { return ApiResponse::json('No token given.'); } $input_token = Input::get('token'); $token = Token::where('key', '=', $input_token)->first(); if (empty($token)) { return ApiResponse::json('No active session found.'); } if ($token->user_id !== $user->_id) { return ApiResponse::errorForbidden('You do not own this token.'); } if ($token->delete()) { Log::info('<!> Logged out from : ' . $input_token); return ApiResponse::json('User logged out successfully.', '202'); } else { return ApiResponse::errorInternal('User could not log out. Please try again.'); } }