logout fix

sinbadxiii · May 16, 2022 · 6deda68 · 6deda68
1 parent 35090ae
commit 6deda68
Show file tree

Hide file tree

Showing 2 changed files with 16 additions and 9 deletions.
diff --git a/src/Guards/SessionGuard.php b/src/Guards/SessionGuard.php
@@ -202,16 +202,20 @@ public function logout()
     {
         $user = $this->user();
 
-        if ($this->user && ($tokenRemember = $this->user->getRememberToken())) {
-            $tokenRemember->delete();
-        }
+        $recaller = $this->recaller();
 
-        $this->session->remove($this->getName());
+        if ($recaller !== null) {
+            $tokenRemember = $user->getRememberToken($recaller->token());
+
+            if ($tokenRemember) {
+                $tokenRemember->delete();
+            }
 
-        if (! is_null($this->recaller())) {
             $this->cookies->get($this->getRememberName())->delete();
         }
 
+        $this->session->remove($this->getName());
+
         $this->event(new Logout($user));
 
         $this->user = null;

diff --git a/src/Middlewares/Authenticate.php b/src/Middlewares/Authenticate.php
@@ -11,7 +11,8 @@
  */
 class Authenticate extends Injectable implements AuthenticatesRequest
 {
-    private const PROPERTY_AUTH_ACCESS = "authAccess";
+    private const PROPERTY_AUTH_ACCESS   = "authAccess";
+    private const AUTH_ACCESS_BY_DEFAULT = true;
 
     /**
      * @var Dispatcher
@@ -60,8 +61,10 @@ protected function isGuest()
     {
         $controller = $this->dispatcher->getControllerClass();
 
-        return !(new $controller)->authAccess() ||
-            (property_exists($controller, self::PROPERTY_AUTH_ACCESS) &&
-                (new $controller)->authAccess === false);
+        $authAccess = property_exists($controller, self::PROPERTY_AUTH_ACCESS) ?
+            (new $controller)->authAccess : self::AUTH_ACCESS_BY_DEFAULT;
+
+        return (method_exists($controller, 'authAccess') &&
+                !(new $controller)->authAccess()) || $authAccess === false;
     }
 }