Log out users from all devices on Laravel passport

Imagine a instance where you have to logout all the user from your system that uses Laravel passport oauth2 library to authenticate API users. IN this situation what we can do is revoke an access token and refresh token.

To do so, we use function provided by Laravel Passport. It is called as RefreshTokenRepository and the function is revokeRefreshTokensByAccessTokenId.

In code we can do this as follows:

$refreshTokenRepository = app(\Laravel\Passport\RefreshTokenRepository::class);

foreach(User::find($id)->tokens as $token) {

$token->revoke();

$refreshTokenRepository->revokeRefreshTokensByAccessTokenId($token->id);

}

Here we have created a variable called $refreshTokenRepository and initialized the repository for our application. After token revoking we immediately add the function by knowing $token->id.

hence we successfully logged out indented users from our system.