Original Post http://laravel-tricks.com/tricks/session-timeout-for-logged-in-user

This Middleware made it super easy to satisfy a requirement to log the user out after 15 minutes of in activity.

I added only a few touchups.

One was the getTimeOut this was so I can work locally and override this by setting it to a large number. I could even use it to just bypass the whole things for a bit since on local I rather not deal with this.

Also I removed the message count since it just was not needed for what I was doing.

<?php namespace App\Http\Middleware;
use Closure;
use Illuminate\Support\Facades\Auth;
use Illuminate\Session\Store;
class SessionTimeout {
    protected $session;
    protected $timeout=900;
    public function __construct(Store $session){
        $this->session=$session;
    }
    /**
     * Handle an incoming request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @param  \Closure  $next
     * @return mixed
     */
    public function handle($request, Closure $next)
    {
        if(!$this->session->has('lastActivityTime'))
            $this->session->put('lastActivityTime',time());
        elseif(time() - $this->session->get('lastActivityTime') > $this->getTimeOut()){
            $this->session->forget('lastActivityTime');
            Auth::logout();
            return redirect('auth/login')->withErrors(['You had not activity in 15 minutes']);
        }
        $this->session->put('lastActivityTime',time());
        return $next($request);
    }

    protected function getTimeOut()
    {
        return (env('TIMEOUT')) ?: $this->timeout;
    }
}