
Laravel Passport prevent user to login together with the same credential

I was using Laravel Passport to allow my mobile to call the Laravel API for using Laravel authentication.

I found a problem recently, which is that Laravel Passport allows the same user to log in from multiple devices. Is there any solution for me to prevent the same user from logging in with other devices at the same time?

I have found a way to log out with Laravel Passport, but I do not know if it is the best way if I use

$request->user()->token()->revoke()

whenever a user is trying to log in.

Dave Cruise asked Jul 22 '19 05:07



1 Answer

You can hook the AccessTokenCreated event, and then inside your listener you can revoke any existing tokens.

Add these events/listeners to your EventServiceProvider:

'Laravel\Passport\Events\AccessTokenCreated' => [
    'App\Listeners\RevokeExistingTokens',
],

Then create a listener using php artisan make:listener RevokeExistingTokens

Then inside the handle function:

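$user = User::find($event->userId);

// Revoke every token of this user except the one just issued.
// The new token is matched by its id: offset() without limit() fails on
// MySQL, and row order is not a reliable way to pick the newest token.
$user->tokens()->where('id', '!=', $event->tokenId)->get()->each(function ($token) {
    $token->revoke();
});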

This will delete all of the user's tokens except the one that was just created.

atymic answered Sep 20 '22 03:09