Download the PHP package allyans3/laravel-auth-tracker without Composer

On this page you can find all versions of the php package allyans3/laravel-auth-tracker. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.

FAQ

After the download, you have to make one include require_once('vendor/autoload.php');. After that you have to import the classes with use statements.

Example:
If you use only one package a project is not needed. But if you use more then one package, without a project it is not possible to import the classes with use statements.

In general, it is recommended to use always a project to download your libraries. In an application normally there is more than one library needed.
Some PHP packages are not free to download and because of that hosted in private repositories. In this case some credentials are needed to access such packages. Please use the auth.json textarea to insert credentials, if a package is coming from a private repository. You can look here for more information.

  • Some hosting areas are not accessible by a terminal or SSH. Then it is not possible to use Composer.
  • To use Composer is sometimes complicated. Especially for beginners.
  • Composer needs much resources. Sometimes they are not available on a simple webspace.
  • If you are using private repositories you don't need to share your credentials. You can set up everything on our site and then you provide a simple download link to your team member.
  • Simplify your Composer build process. Use our own command line tool to download the vendor folder as binary. This makes your build process faster and you don't need to expose your credentials for private repositories.
Please rate this library. Is it a good library?

Informations about the package laravel-auth-tracker

Laravel Auth Tracker

Track and manage sessions, Passport tokens and Sanctum tokens in Laravel.

This package allows you to track separately each login (session or token), attaching informations by parsing the User-Agent and saving the IP address.

Using a supported provider or creating your own custom providers, you can collect even more informations with an IP address lookup to get, for example, the geolocation.

You can revoke every single session/token or all at once. In case of sessions with remember tokens, every session has its own remember token. This way, you can revoke a session without affecting the others.

Compatibility

Installation

/!\ This documentation is for the v3 (WIP). The documentation for the latest release (v2) is available here: https://github.com/alajusticia/laravel-auth-tracker/tree/v2

Install the package with composer:

Publish the configuration file (config/auth_tracker.php) with:

Create the logins table

Before running the migrations, you can change the name of the table that will be used to save the logins (named by default logins) with the table_name option of the configuration file.

Launch the database migrations to create the required table:

Prepare your authenticatable models

In order to track the logins of your app's users, add the ALajusticia\AuthTracker\Traits\AuthTracking trait on each of your authenticatable models that you want to track:

Choose and install a user-agent parser

This package relies on a User-Agent parser to extract the informations.

Currently, it supports two of the most popular parsers:

Before using the Auth Tracker, you need to choose a supported parser, install it and indicate in the configuration file which one you want to use.

Configure the user provider (optional)

This step is optional if your application has only stateless authentication.

If you want to use the Auth Tracker for stateful authentication, this package comes with a modified Eloquent user provider that retrieve remembered users from the logins table instead of the users table.

In your config/auth.php configuration file, use the eloquent-tracked driver in the user providers list for the users you want to track:

Laravel Sanctum

In the actual version (2.9) of the Laravel Sanctum package, there is no event allowing us to know when an API token is created.

If you are issuing API tokens with Laravel Sanctum and want to enable auth tracking, you will have to dispatch an event provided by the Auth Tracker.

Dispatch the ALajusticia\AuthTracker\Events\PersonalAccessTokenCreated event passing the personal access token newly created by the createToken method of the Laravel Sanctum trait.

Based on the example provided by the Laravel Sanctum documentation, it might look like this:

Usage

The AuthTracking trait provided by this package surcharge your users models with methods to list their logins and to give you full individual control on them.

Retrieving the logins

Get all the logins

Get the current login

Check for the current login

Each login instance comes with a dynamic is_current attribute. It's a boolean that indicates if the login instance is the current login.

Revoking logins

Revoke a specific login

To revoke a specific login, use the logout method with the ID of the login you want to revoke. If no parameter is given, the current login will be revoked.

Revoke all the logins

We can destroy all the sessions and revoke all the Passport/Sanctum tokens by using the logoutAll method. Useful when, for example, the user's password is modified and we want to logout all the devices.

This feature destroys all sessions, even those remembered.

Revoke all the logins except the current one

The logoutOthers method acts in the same way as the logoutAll method except that it keeps the current session or Passport/Sanctum token alive.

Events

Login

On a new login, you can listen to the event ALajusticia\AuthTracker\Events\Login. It receives a RequestContext object containing all the informations collected on the request, accessible on the event with the context property.

Properties available:

Methods available:

Methods available in the parser:

Methods available in the IP address lookup provider:

IP address lookup

By default, the Auth Tracker collects the IP address and the informations given by the User-Agent header.

But you can go even further and collect other informations about the IP address, like the geolocation.

To do so, you first have to enable the IP lookup feature in the configuration file.

This package comes with two officially supported providers for IP address lookup (see the IP Address Lookup section in the config/auth_tracker.php configuration file).

Ip2Location Lite DB3

This package officially support the IP address geolocation with the Ip2Location Lite DB3.

Here are the steps to enable and use it:

Custom provider

You can add your own providers by creating a class that implements the ALajusticia\AuthTracker\Interfaces\IpProvider interface and use the ALajusticia\AuthTracker\Traits\MakesApiCalls trait.

Your custom class have to be registered in the custom_providers array of the configuration file.

Let's see an example of an IP lookup provider with the built-in IpApi provider:

As you can see, the class has a getRequest method that must return a GuzzleHttp\Psr7\Request instance.

Guzzle utilizes PSR-7 as the HTTP message interface. Check its documentation: http://docs.guzzlephp.org/en/stable/psr7.html

The IpProvider interface comes with required methods related to the geolocation. All keys of the API response are accessible in your provider via $this->result, which is a Laravel collection.

If you want to collect other informations, you can add a getCustomData method in your custom provider. This custom data will be saved in the logins table in the ip_data JSON column. Let's see an example of additional data:

Handle API errors

In case of an exception throwed during the API call of your IP address lookup provider, the FailedApiCall event is fired by this package.

This event has an exception attribute containing the GuzzleHttp\Exception\TransferException (see Guzzle documentation).

You can listen to this event to add your own logic.

Blade directives

Check if the auth tracking is enabled for the current user:

Check if the IP lookup feature is enabled:

License

Open source, licensed under the MIT license.


All versions of laravel-auth-tracker with dependencies

PHP Build Version
Package Version
Requires php Version ^7.2.5|^8.0
alajusticia/laravel-expirable Version ^1.3
Composer command for our command line client (download client) This client runs in each environment. You don't need a specific PHP version etc. The first 20 API calls are free. Standard composer command

The package allyans3/laravel-auth-tracker contains the following files

Loading the files please wait ....