Skip to content

Laravel Auth Checker allows you to log users authentication, devices authenticated from and lock intrusions.

Notifications You must be signed in to change notification settings

404labfr/laravel-auth-checker

Repository files navigation

Laravel Auth Checker

Build Status Scrutinizer Code Quality

Laravel Auth Checker is a plugin to collect login info and devices used when a user authenticates. It makes it easy to catch user authentication attempts and lockouts from new IP address or new devices.

Example logins table

Requirements

Version Release
11 3.0
9, 10 2.0
8, 9 1.7
6, 7 1.6

Installation

  • Require the package: composer require lab404/laravel-auth-checker
  • Publish migration files: php artisan vendor:publish --tag=auth-checker
  • Migrate your database: php artisan migrate
  • Configure your Authenticatable model (see below)

Usage

This library collects login data and devices data about your users.

Authenticatable model

Your Authenticatable model (usually User) must implement the HasLoginsAndDevicesInterface interface.

The trait HasLoginsAndDevices is provided with for a working default implementation.

use Lab404\AuthChecker\Models\HasLoginsAndDevices;
use Lab404\AuthChecker\Interfaces\HasLoginsAndDevicesInterface;

class User extends Authenticatable implements HasLoginsAndDevicesInterface
{
    // ...
    use HasLoginsAndDevices;  
}

Once configured, you can access the following methods

  • logins() returns all logins
  • auths() returns all successful login attemps
  • fails() returns all failed login attempts
  • lockouts() returns all lockouts

Each login returned is associated with the Device model used

  • devices() returns all devices used by the user to authenticate.

Logins

Calling $user->logins outputs:

[
    [
        'ip_address' => '1.2.3.4',
        'device_id' => 1, // ID of the used device
        'type' => 'auth',
        'device' => [
            // See Devices
        ],
        'created_at' => '2017-03-25 11:42:00',
    ],
    // ...
]

Also, you can directly access logins by their type

  • $user->auths, returns successful logins (via Login::TYPE_LOGIN)
  • $user->fails, returns failed logins (via Login::TYPE_FAILED)
  • $user->lockouts, returns locked out logins (via Login::TYPE_LOCKOUT)

Devices

Calling $user->devices outputs:

[
    [
        'platform' => 'OS X',
        'platform_version' => '10_12_2',
        'browser' => 'Chrome',
        'browser_version' => '54',
        'is_desktop' => true,
        'is_mobile' => false,
        'language' => 'fr-fr',
        'login' => [
          // See logins
        ],
    ],
    // ...
]

Events

There are many events available that can be used to add features to your app

  • LoginCreated is fired when a user authenticates.
  • DeviceCreated is fired when a new device is created for a user.
  • FailedAuth is fired when a user fails to log in.
  • LockoutAuth is fired when authentication is locked for a user (too many attempts).

Each event passes a Login model and a Device model to your listeners.

Tests

vendor/bin/phpunit

Contributors

Licence

MIT

About

Laravel Auth Checker allows you to log users authentication, devices authenticated from and lock intrusions.

Topics

Resources

Stars

Watchers

Forks

Packages

No packages published

Languages