PHP code example of marventhieme / laravel-authorization-logger

1. Go to this page and download the library: Download marventhieme/laravel-authorization-logger library. Choose the download type require.

2. Extract the ZIP file and open the index.php.

3. Add this code to the index.php.
    
        
<?php
require_once('vendor/autoload.php');

/* Start to develop here. Best regards https://php-download.com/ */

    

marventhieme / laravel-authorization-logger example snippets


return [
    // Enable/disable logging globally
    'enabled' => env('AUTHORIZATION_LOGGING_ENABLED', true),

    // Log handlers pipeline - data flows through each handler
    'handlers' => [
        \MarvenThieme\LaravelAuthorizationLogger\Handlers\DebugToRay::class,
        \MarvenThieme\LaravelAuthorizationLogger\Handlers\WriteToDatabase::class,
        // \MarvenThieme\LaravelAuthorizationLogger\Handlers\WriteToLog::class,
    ],

    // HTTP methods to skip logging (e.g., ['GET', 'HEAD'])
    'http_methods_to_ignore' => [],

    // Classes to ignore in the stack trace
    'classes_to_ignore' => [
        \Illuminate\Http\Resources\Json\JsonResource::class,
    ],

    // Sensitive fields filtered from request bodies
    'sensitive_fields' => [
        'password', 'password_confirmation', 'token', 'api_token',
        'secret', 'private_key', 'card_number', 'cvv', 'ssn',
        // ... see config file for full list
    ],

    // Maximum request body size in bytes
    'max_body_size' => env('AUTHORIZATION_LOGGING_MAX_BODY_SIZE', 10240),

    // Log channel for WriteToLog handler
    'log_channel' => env('AUTHORIZATION_LOGGING_CHANNEL', 'daily'),

    'database' => [
        // Days to keep logs before pruning
        'prunable_after_days' => env('AUTHORIZATION_LOGGING_PRUNABLE_AFTER_DAYS', 30),
    ],
];

// In your controller
$this->authorize('update', $post); // Fails if user can't update

// Automatically logs:
// - User: ID, IP, roles
// - Policy: PostPolicy::update
// - Model: App\Models\Post #123
// - Request: POST /posts/123, referrer, body

Gate::authorize('admin-only-feature'); // Fails for non-admins

// Automatically logs:
// - User: ID, IP, roles
// - Ability: admin-only-feature
// - Request: Current request context

'handlers' => [
    \MarvenThieme\LaravelAuthorizationLogger\Handlers\DebugToRay::class,
],

'handlers' => [
    \MarvenThieme\LaravelAuthorizationLogger\Handlers\WriteToDatabase::class,
],

use MarvenThieme\LaravelAuthorizationLogger\Models\AuthorizationDenial;

// Recent denials for a user
$denials = AuthorizationDenial::where('user_id', $userId)
    ->orderBy('logged_at', 'desc')
    ->get();

// Denials for a specific ability
$denials = AuthorizationDenial::where('ability', 'update')
    ->where('model_class', Post::class)
    ->get();

'handlers' => [
    \MarvenThieme\LaravelAuthorizationLogger\Handlers\WriteToLog::class,
],

'log_channel' => env('AUTHORIZATION_LOGGING_CHANNEL', 'daily'),

namespace App\Handlers;

use MarvenThieme\LaravelAuthorizationLogger\Contracts\LogHandler;
use MarvenThieme\LaravelAuthorizationLogger\Objects\LogData;

class SendToSlack implements LogHandler
{
    public function handle(LogData $logData): void
    {
        // Send to Slack, email, external API, etc.
        // Access data: $logData->userContext, $logData->policyContext, $logData->requestContext
    }
}

'handlers' => [
    \App\Handlers\SendToSlack::class,
],

// Event info
$logData->event;      // "Authorization Denied"
$logData->timestamp;  // ISO8601 timestamp

// User context
$logData->userContext->type;        // "authenticated" or "anonymous"
$logData->userContext->userId;      // User ID or null
$logData->userContext->ipAddress;   // IP address
$logData->userContext->roles;       // Array of role names (if using Spatie Permission)

// Policy context
$logData->policyContext->ability;       // "update", "delete", etc.
$logData->policyContext->policyClass;   // "App\Policies\PostPolicy"
$logData->policyContext->policyMethod;  // "update"
$logData->policyContext->modelClass;    // "App\Models\Post"
$logData->policyContext->modelId;       // 123

// Request context
$logData->requestContext->method;     // "POST"
$logData->requestContext->url;        // "https://example.com/posts/123"
$logData->requestContext->endpoint;   // "/posts/123"
$logData->requestContext->routeName;  // "posts.update"
$logData->requestContext->referrer;   // Previous URL or null
$logData->requestContext->body;       // Sanitized request body

'database' => [
    'prunable_after_days' => env('AUTHORIZATION_LOGGING_PRUNABLE_AFTER_DAYS', 30),
],

protected function schedule(Schedule $schedule)
{
    $schedule->command('model:prune')->daily();
}

'http_methods_to_ignore' => ['GET', 'HEAD'],

'classes_to_ignore' => [
    \Illuminate\Http\Resources\Json\JsonResource::class,
    // Add your own classes here
],

'sensitive_fields' => [
    'password',
    'api_key',
    'your_custom_secret_field',
],
bash
php artisan vendor:publish --tag="laravel-authorization-logger-migrations"
php artisan migrate
bash
php artisan vendor:publish --tag="laravel-authorization-logger-config"