Timeout after inactivity

app/Http/Kernel.php

@@ -19,8 +19,10 @@ class Kernel extends HttpKernel {
         'App\Http\Middleware\DuplicateSubmissionCheck',
 		'App\Http\Middleware\QueryLogging',
         'App\Http\Middleware\StartupCheck',
+        'App\Http\Middleware\SessionDataCheckMiddleware',
 	];
 
+
 	/**
 	 * The application's route middleware.
 	 *

app/Http/Middleware/SessionDataCheckMiddleware.php

@@ -0,0 +1,33 @@
+<?php namespace App\Http\Middleware;
+
+use Closure;
+use Auth;
+use Session;
+
+// https://arjunphp.com/laravel5-inactivity-idle-session-logout/
+class SessionDataCheckMiddleware {
+
+    /**
+     * Check session data, if role is not valid logout the request
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next) {
+
+        $bag = Session::getMetadataBag();
+
+        $max = config('session.lifetime') * 60; // minute to second conversion
+
+        if (($bag && $max < (time() - $bag->getLastUsed()))) {
+
+            $request->session()->flush(); // remove all the session data
+
+            Auth::logout(); // logout user
+
+        }
+
+        return $next($request);
+    }
+}