lab404/laravel-auth-checker

Laravel Auth Checker allows you to log users authentication, devices authenticated from and lock intrusions.

Maintainers

Details

github.com/404labfr/laravel-auth-checker

Source

Issues

Installs: 159 040

Dependents: 2

Suggesters: 0

Security: 0

Stars: 225

Watchers: 12

Forks: 35

Open Issues: 7

pkg:composer/lab404/laravel-auth-checker

3.0.0 2024-05-19 22:15 UTC

Requires

Requires (Dev)

MIT 35bf48262e3e3d848d584d68baa32e7075f19603

  • Marceau Casals <marceau.woop@casals.fr>

packageAuthenticationpluginuserchecklaravelIPdevicelaravel-packagelaravel-plugin

This package is auto-updated.

Last update: 2025-10-20 01:51:26 UTC

README

Build Status Scrutinizer Code Quality

Laravel Auth Checker is a plugin to collect login info and devices used when a user authenticates. It makes it easy to catch user authentication attempts and lockouts from new IP address or new devices.

Example logins table

Requirements

Version Release
11 3.0
9, 10 2.0
8, 9 1.7
6, 7 1.6

Installation

  • Require the package: composer require lab404/laravel-auth-checker
  • Publish migration files: php artisan vendor:publish --tag=auth-checker
  • Migrate your database: php artisan migrate
  • Configure your Authenticatable model (see below)

Usage

This library collects login data and devices data about your users.

Authenticatable model

Your Authenticatable model (usually User) must implement the HasLoginsAndDevicesInterface interface.

The trait HasLoginsAndDevices is provided with for a working default implementation.

use Lab404\AuthChecker\Models\HasLoginsAndDevices;
use Lab404\AuthChecker\Interfaces\HasLoginsAndDevicesInterface;

class User extends Authenticatable implements HasLoginsAndDevicesInterface
{
    // ...
    use HasLoginsAndDevices;  
}

Once configured, you can access the following methods

  • logins() returns all logins
  • auths() returns all successful login attemps
  • fails() returns all failed login attempts
  • lockouts() returns all lockouts

Each login returned is associated with the Device model used

  • devices() returns all devices used by the user to authenticate.

Logins

Calling $user->logins outputs:

[
    [
        'ip_address' => '1.2.3.4',
        'device_id' => 1, // ID of the used device
        'type' => 'auth',
        'device' => [
            // See Devices
        ],
        'created_at' => '2017-03-25 11:42:00',
    ],
    // ...
]

Also, you can directly access logins by their type

  • $user->auths, returns successful logins (via Login::TYPE_LOGIN)
  • $user->fails, returns failed logins (via Login::TYPE_FAILED)
  • $user->lockouts, returns locked out logins (via Login::TYPE_LOCKOUT)

Devices

Calling $user->devices outputs:

[
    [
        'platform' => 'OS X',
        'platform_version' => '10_12_2',
        'browser' => 'Chrome',
        'browser_version' => '54',
        'is_desktop' => true,
        'is_mobile' => false,
        'language' => 'fr-fr',
        'login' => [
          // See logins
        ],
    ],
    // ...
]

Events

There are many events available that can be used to add features to your app

  • LoginCreated is fired when a user authenticates.
  • DeviceCreated is fired when a new device is created for a user.
  • FailedAuth is fired when a user fails to log in.
  • LockoutAuth is fired when authentication is locked for a user (too many attempts).

Each event passes a Login model and a Device model to your listeners.

Tests

vendor/bin/phpunit

Contributors

Licence

MIT