codebyray/laravel-auth-log

Log user authentication details and send new device notifications.

v1.0.0 2022-09-30 07:03 UTC

This package is auto-updated.

Last update: 2024-08-29 06:23:15 UTC


README

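Laravel Auth Log is a package that tracks your users' authentication information, such as login/logout time, IP, browser, and location, and sends notifications about new devices and failed logins via email, Slack, or SMS.

Documentation, Installation, and Usage Instructions

Installation

Install the package via composer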

composer require codebyray/laravel-auth-log

If you want to use the location features, you need to install torann/geoip

composer require torann/geoip

If you choose to install torann/geoip, you should publish its config file

php artisan vendor:publish --provider="Torann\GeoIP\GeoIPServiceProvider" --tag=config

Setup / Configuration

Publish and run the migrations

php artisan vendor:publish --provider="Codebyray\LaravelAuthLog\LaravelAuthLogServiceProvider" --tag="auth-log-migrations"
php artisan migrate

Publish the view and email files

php artisan vendor:publish --provider="Codebyray\LaravelAuthLog\LaravelAuthLogServiceProvider" --tag="auth-log-views"

Publish the config file

php artisan vendor:publish --provider="Codebyray\LaravelAuthLog\LaravelAuthLogServiceProvider" --tag="auth-log-config"

Config file contents

return [

    /*
    |--------------------------------------------------------------------------
    | Database Table Name
    |--------------------------------------------------------------------------
    | 
    | You can change the database table name if you wish. For most cases this
    | does not need to be modified
    |
    */
    'table_name' => 'auth_log',

    /*
    |--------------------------------------------------------------------------
    | Database Connection
    |--------------------------------------------------------------------------
    | 
    | This is the connection to the database at which the auth_log table resides.
    | Leave this as null to use your application's default database connection.
    |
    */
    'db_connection' => null,

    /*
    |--------------------------------------------------------------------------
    | Events Listened For
    |--------------------------------------------------------------------------
    | 
    | These are the events this package will listen for and log.
    |
    */
    'events' => [
        'login' => \Illuminate\Auth\Events\Login::class,
        'failed' => \Illuminate\Auth\Events\Failed::class,
        'logout' => \Illuminate\Auth\Events\Logout::class,
        'logout-other-devices' => \Illuminate\Auth\Events\OtherDeviceLogout::class,
    ],

    /*
    |--------------------------------------------------------------------------
    | Notifications Configuration
    |--------------------------------------------------------------------------
    | 
    | This is where we set up the notifications that are sent out.
    |
    | new-device
    |   enabled
    |       - If enabled is set to true, a notification will be sent when a user logs 
    |         in with a new device.
    |   location
    |       - If set to true, the location of the user will be sent with the notification.
    |         Notice: You must have installed torann/geoip for this to work.
    |   template
    |       - The notification class used to send the notification.
    |
    | failed-login
    |   enabled
    |       - If enabled is set to true, a notification will be sent when a user login 
    |         has failed.
    |   location
    |       - If set to true, the location of the user will be sent with the notification.
    |         Notice: You must have installed torann/geoip for this to work.
    |   template
    |       - The notification class used to send the notification.
    |
    */
    'notifications' => [
        'new-device' => [
            'enabled' => env('AUTH_LOG_NEW_DEVICE_NOTIFICATION', true),
            'location' => env('AUTH_LOG_GET_LOCATION', false),
            'template' => \Codebyray\LaravelAuthLog\Notifications\NewDevice::class,
        ],
        'failed-login' => [
            'enabled' => env('AUTH_LOG_FAILED_LOGIN_NOTIFICATION', true),
            'location' => env('AUTH_LOG_GET_LOCATION', false),
            'template' => \Codebyray\LaravelAuthLog\Notifications\FailedLogin::class,
        ],
    ],

    /*
    |--------------------------------------------------------------------------
    | Purge (Clean-up) Logs
    |--------------------------------------------------------------------------
    | purge
    | When the clean-up command is run, this will determine how old the logs must be
    | in order to be deleted. Set purge days to the number of days you wish to keep
    | the logs. If you would like to keep them indefinitely, do not schedule the clean-up
    | command to run.
    |
    */
    'purge' => 365,
];

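Setting up the User model

In order to log the events above, you need to add the AuthenticationLoggable and Notifiable traits to your model. Typically, Notifiable is already set when you generate the model with the artisan make:model command; if it is not, make sure to add it.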

namespace App\Models;

use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Codebyray\LaravelAuthLog\Traits\AuthenticationLoggable;

class User extends Authenticatable
{
    use Notifiable, AuthenticationLoggable;
}

This package listens for Laravel's Login, Logout, Failed, and OtherDeviceLogout events.

Usage

Getting logs

Get all authentication logs for a user

$user = User::find(1);
$user->authentications;
// or
User::find(1)->authentications;
// or
auth()->user()->authentications;

Get the user's last login information

/*
|
| Each method below that returns a date & time returns something like:
|   Illuminate\Support\Carbon @1664518251 {#1176
|       value: "2022-09-30 06:10:51",
|   }
|
| If requesting the IP, the methods will return:
|   "127.0.0.1"
|
*/
// Get the date & time of the last login whether it be a failed attempt or successful login.
User::find(1)->lastLoginAt();

// Get the date & time of the last successful login.
User::find(1)->lastSuccessfulLoginAt();

// Get the IP address of the last login whether a failed attempt or successful one.
User::find(1)->lastLoginIp();

// Get the IP address of the last successful login.
User::find(1)->lastSuccessfulLoginIp();

Get the user's previous successful login time or IP address

// Get the date & time for the user's previous successful login.
User::find(1)->previousLoginAt();

// Get the IP address for the user's previous successful login.
User::find(1)->previousLoginIp();

In the examples above, you can use auth()->user() to get the logs of the currently logged-in user.
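
An added example (not part of the package or its README) that combines the accessors above into the data for a "recent sign-in activity" panel. The SignInSummary class, its namespace and the array keys are hypothetical; it assumes PHP 8 and that each accessor returns null when no matching log entry exists.

```php
<?php

namespace App\Support;

use App\Models\User;

// Added example, not part of the package. SignInSummary and its array keys
// are hypothetical; only the User methods called below come from the README.
class SignInSummary
{
    /**
     * Assumption: each accessor returns null when no matching log row
     * exists (for example on a user's first sign-in).
     */
    public static function forUser(User $user): array
    {
        $lastAnyAt  = $user->lastLoginAt();            // failed or successful
        $currentAt  = $user->lastSuccessfulLoginAt();
        $currentIp  = $user->lastSuccessfulLoginIp();
        $previousAt = $user->previousLoginAt();
        $previousIp = $user->previousLoginIp();

        return [
            'current_login_at'  => $currentAt?->toDateTimeString(),
            'current_login_ip'  => $currentIp,
            'previous_login_at' => $previousAt?->toDateTimeString(),
            'previous_login_ip' => $previousIp,
            'first_login'       => $previousAt === null,

            // Flag a change only when both addresses exist; a missing
            // previous login is a first sign-in, not an address change.
            'ip_changed' => $currentIp !== null
                && $previousIp !== null
                && $currentIp !== $previousIp,

            // The newest log entry is later than the newest success (or
            // there is no success at all), so a failed attempt came last.
            'failed_attempt_since_success' => $lastAnyAt !== null
                && ($currentAt === null || $lastAnyAt->gt($currentAt)),
        ];
    }
}
```

Call SignInSummary::forUser(auth()->user()) from a controller and render the result on the user's account page.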

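Notifications

By default, notifications are sent via email. You can send them to 'mail', 'nexmo', and 'slack' by configuring your 'Authenticatable' model. To set the channels notifications are sent through, define a 'notifyAuthenticationLogVia' method on your 'Authenticatable' model.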

public function notifyAuthenticationLogVia()
{
    return ['nexmo', 'mail', 'slack'];
}

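To use 'Slack' and/or 'Nexmo', you need to install the driver for each and set up your 'Authenticatable' model following their documentation.

New device notifications

Enabled by default. They use the \Codebyray\LaravelAuthLog\Notifications\NewDevice class, which can be overridden in the config file.

Failed login notifications

Enabled by default. They use the \Codebyray\LaravelAuthLog\Notifications\FailedLogin class, which can be overridden in the config file.

Location

If the torann/geoip package is installed, you need to enable location through the config file. This feature is disabled by default.

You can enable it in the configuration of each template.

Note: When working locally, the location is not recorded by default, because it would send the default address from the geoip config file. You can override this behavior in the email templates.

Purging old logs

You can purge logs with the following artisan command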

php artisan auth-log:purge

Any records older than the number of days given by the purge setting in the config/auth-log.php file are deleted. The default is 365 days.

'purge' => 365,

You can schedule the command to run automatically once a month, or as often as you wish, with the following

$schedule->command('auth-log:purge')->monthly();

Version compatibility

Testing

composer test

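Changelog

For more information on recent changes, see the CHANGELOG

Security Vulnerabilities

For more information on reporting security vulnerabilities, see our security policy

Credits

License

The MIT License (MIT). See the License File for more information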