There is no mechanism to detect a user timeout, such a timeout doesn't exist. The login times out simply because the session times out, and when that happens, the session is gone. You might be able to access expired sessions in the database, but due to garbage collection, that isn't fool-proof too.
We have one app that uses an additional timestamp field in the user record, that is updated on every Auth::check() call, so you can query the users table, for example for users that haven't done a pageload in the last 15 minutes. So it is not related to the session.
You could use a similar method but find another way of updating the timestamp, so you can call Auth::check(), and if logged in, get the users last active timestamp. If that is longer ago than your timeout, call Auth::logout() and redirect to your URL, if not, update the timestamp.
Donate
