Remove 2fa_authed from session upon logout

marcusmoore · marcusmoore · commit cc06187f31d9 · 2025-05-07T14:04:33.000-07:00
diff --git a/app/Http/Controllers/Auth/LoginController.php b/app/Http/Controllers/Auth/LoginController.php
@@ -484,6 +484,7 @@ public function logout(Request $request)
         }
 
         $request->session()->regenerate(true);
+        $request->session()->forget('2fa_authed');
 
         if ($request->session()->has('password_hash_'.Auth::getDefaultDriver())){
             $request->session()->remove('password_hash_'.Auth::getDefaultDriver());

Original file line number	Diff line number	Diff line change
`@@ -484,6 +484,7 @@ public function logout(Request $request)`
`484`	`484`	`}`
`485`	`485`
`486`	`486`	`$request->session()->regenerate(true);`
	`487`	`+ $request->session()->forget('2fa_authed');`
`487`	`488`
`488`	`489`	`if ($request->session()->has('password_hash_'.Auth::getDefaultDriver())){`
`489`	`490`	`$request->session()->remove('password_hash_'.Auth::getDefaultDriver());`