This is a routine that will remove all two-factor related information from the session, when the user logs out. See issue #219

2025-02-25 18:45:27 -06:00 · 2016-03-19 16:21:50 +01:00 · 2016-03-19 16:21:50 +01:00 · f31e62a532
commit f31e62a532
parent 34c195159e
1 changed files with 32 additions and 0 deletions
--- a/app/Handlers/Events/UserEventListener.php
+++ b/app/Handlers/Events/UserEventListener.php
@ -0,0 +1,32 @@
+<?php
+/**
+ * UserEventListener.php
+ * Copyright (C) 2016 Sander Dorigo
+ *
+ * This software may be modified and distributed under the terms
+ * of the MIT license.  See the LICENSE file for details.
+ */
+
+namespace FireflyIII\Handlers\Events;
+
+use Session;
+
+/**
+ * Class UserEventListener
+ *
+ * @package FireflyIII\Handlers\Events
+ */
+class UserEventListener
+{
+    /**
+     * Handle user logout events.
+     */
+    public function onUserLogout($event)
+    {
+        // dump stuff from the session:
+        Session::forget('twofactor-authenticated');
+        Session::forget('twofactor-authenticated-date');
+
+        return true;
+    }
+}