Laravel Authentication Log is a package that tracks your user’s authentication information such as login/logout time, IP, Browser, Location, etc. as well as sends out notifications via mail, slack, or sms for new devices and failed logins.

Installation

You can install the package via composer:

composer require rappasoft/laravel-authentication-log

If you want the location features you must also install torann/geoip:

composer require torann/geoip

Configuration

Publishing Assets

You can publish and run the migrations with:

php artisan vendor:publish --provider="Rappasoft\LaravelAuthenticationLog\LaravelAuthenticationLogServiceProvider" --tag="authentication-log-migrations"

php artisan migrate

You can publish the view/email files with:

php artisan vendor:publish --provider="Rappasoft\LaravelAuthenticationLog\LaravelAuthenticationLogServiceProvider" --tag="authentication-log-views"

You can publish the config file with:

php artisan vendor:publish --provider="Rappasoft\LaravelAuthenticationLog\LaravelAuthenticationLogServiceProvider" --tag="authentication-log-config"

If you installed torann/geoip you should also publish that config file to set your defaults:

php artisan vendor:publish --provider="Torann\GeoIP\GeoIPServiceProvider"

Setting up your model

You must add the AuthenticationLoggable and Notifiable traits to the models you want to track.

use Illuminate\Notifications\Notifiable;
use Rappasoft\LaravelAuthenticationLog\Traits\AuthenticationLoggable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use Notifiable, AuthenticationLoggable;
}

The package will listen for Laravel’s Login, Logout, Failed, and OtherDeviceLogout events.

Overriding default Laravel events

If you would like to listen to your own events you may override them in the package config (as of v1.3).

Example event override

You may notice that Laravel fires a Login event when the session renews if the user clicked ‘remember me’ when logging in. This will produce empty login rows each time which is not what we want. The way around this is to fire your own Login event instead of listening for Laravels.

You can create a Login event that takes the user:

<?php

namespace App\Domains\Auth\Events;

use Illuminate\Queue\SerializesModels;

class Login
{
    use SerializesModels;

    public $user;

    public function __construct($user)
    {
        $this->user = $user;
    }
}

Then override it in the package config:

// The events the package listens for to log
'events' => [
    'login' => \App\Domains\Auth\Events\Login::class,
    ...
],

Then call it where you log in your user:

event(new Login($user));

Now the package will only register actual login events, and not session re-authentication.

Getting Logs

Now you can get all authentication logs for the user:

User::find(1)->authentications;

Get the user’s last login information:

User::find(1)->lastLoginAt();

User::find(1)->lastSuccessfulLoginAt();

User::find(1)->lastLoginIp();

User::find(1)->lastSuccessfulLoginIp();

Get the user’s previous login time & IP address (ignoring the current login):

auth()->user()->previousLoginAt();

auth()->user()->previousLoginIp();

Notifications

Notifications may be sent on the ‘mail’, ‘nexmo’, and ‘slack’ channels but by default notify via email.

You can define a notifyAuthenticationLogVia method on your authenticatable models to determine which channels the notification should be delivered on:

public function notifyAuthenticationLogVia()
{
    return ['nexmo', 'mail', 'slack'];
}

You can install the Slack and Nexmo drivers to use those routes and follow their documentation on setting it up for your specific authenticatable models.

Above is the quick startup guide But you can visit more details on its official website and source code on Github