/**
* Logout a user: remove the specified active token from the database
* @param user User
*/
public function logout($user)
{
if (!Input::has('token')) {
return ApiResponse::json('No token given.');
}
$input_token = Input::get('token');
$token = Token::where('key', '=', $input_token)->first();
if (empty($token)) {
return ApiResponse::json('No active session found.');
}
if ($token->user_id !== $user->_id) {
return ApiResponse::errorForbidden('You do not own this token.');
}
if ($token->delete()) {
Log::info('<!> Logged out from : ' . $input_token);
return ApiResponse::json('User logged out successfully.', '202');
} else {
return ApiResponse::errorInternal('User could not log out. Please try again.');
}
}
