Download the PHP package marventhieme/laravel-authorization-logger without Composer
On this page you can find all versions of the php package marventhieme/laravel-authorization-logger. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download marventhieme/laravel-authorization-logger
More information about marventhieme/laravel-authorization-logger
Files in marventhieme/laravel-authorization-logger
Package laravel-authorization-logger
Short Description A Laravel package for logging authorization denials with user context, policy information, and configurable drivers (Ray, Database, Log).
License MIT
Homepage https://github.com/marventhieme/laravel-authorization-logger
Informations about the package laravel-authorization-logger
Laravel Authorization Logger
A Laravel package that automatically logs authorization denials (failed Gate::allows() and policy checks) with comprehensive context including user information, policy details, request data, and the referrer URL. Perfect for security auditing, debugging authorization issues, and monitoring unauthorized access attempts.
Features
- Automatic Logging: Hooks into Laravel's Gate system to automatically log all authorization denials
- Rich Context: Captures user, policy, and request information including:
- User ID, IP address, and roles (Spatie Laravel Permission compatible)
- Policy class, method, and ability being checked
- Model class and ID (if applicable)
- Request method, URL, endpoint, route name, and referrer
- Sanitized request body with sensitive field filtering
- Multiple Handlers: Built-in handlers for Ray, Laravel Log, and Database storage
- Flexible Configuration: Fine-tune what gets logged and what gets ignored
- Database Pruning: Automatic cleanup of old logs with configurable retention periods
- Security Focused: Automatically filters sensitive fields like passwords and tokens
- Custom Handlers: Easy to create your own log handlers for any destination
Installation
Install the package via Composer:
Database Setup
Publish and run the migrations:
This creates an authorization_denials table to store authorization denial logs.
Configuration
Publish the config file:
This will create config/authorization-logger.php with the following options:
Usage
Once installed, the package works automatically. Any authorization denial will be logged according to your configuration.
Example Scenarios
Policy denial:
Gate denial:
Available Handlers
DebugToRay
Sends authorization denials to Ray for real-time debugging.
WriteToDatabase
Stores denials in the authorization_denials table.
Query the database:
WriteToLog
Writes denials to Laravel's log system.
Configure the log channel:
Creating Custom Handlers
Create your own handler by implementing the LogHandler contract:
Register it in config:
LogData Structure
The LogData object passed to handlers contains:
Database Pruning
The package uses Laravel's model pruning to automatically clean up old logs. Configure retention in your config:
Schedule the pruning command in app/Console/Kernel.php:
Advanced Configuration
Ignoring Specific HTTP Methods
Skip logging for GET requests (useful for reducing noise from UI checks):
Ignoring Specific Classes
By default, authorization checks from JSON Resources are ignored:
Custom Sensitive Fields
Add your own fields to filter from request bodies:
Environment Variables
Available environment variables for quick configuration:
Testing
Changelog
Please see CHANGELOG for more information on what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security Vulnerabilities
Please review our security policy on how to report security vulnerabilities.
Credits
- Marven Thieme
- All Contributors
License
The MIT License (MIT). Please see License File for more information.
All versions of laravel-authorization-logger with dependencies
illuminate/contracts Version ^11.0||^12.0||^13.0
spatie/laravel-package-tools Version ^1.92