How to Save User’s Last Login Time and IP Address
Quick tip of the day. Default Laravel Auth comes with User table and model, but without logging capability, so we need to build it ourselves. Fortunately, it’s very easy, I will show you one method.
Let’s say that we want to save user’s last login time and IP address in the same users table.
So we start with database migration:
|
1 2 3 |
php artisan make:migration add_login_fields_to_users_table |
Then we fill it with these fields:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
class AddLoginFieldsToUsersTable extends Migration { public function up() { Schema::table('users', function (Blueprint $table) { $table->datetime('last_login_at')->nullable(); $table->string('last_login_ip')->nullable(); }); } // ... |
Next, we need to add these fields as fillables in app/User.php model:
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
class User extends Authenticatable { protected $fillable = [ 'email', 'password', 'name', 'last_login_at', 'last_login_ip', ]; // ... |
Finally, how do we fill them in? You need to know that there is authenticated() method in the AuthenticatesUsers trait. It’s called every time someone logs in.
|
1 2 3 4 5 6 7 8 9 10 11 12 13 |
/** * The user has been authenticated. * * @param \Illuminate\Http\Request $request * @param mixed $user * @return mixed */ protected function authenticated(Request $request, $user) { // } |
In trait this method is empty. So we have freedom to override it in LoginController and add whatever code we need.
app/Http/Controllers/Auth/LoginController.php:
|
1 2 3 4 5 6 7 8 9 |
function authenticated(Request $request, $user) { $user->update([ 'last_login_at' => Carbon::now()->toDateTimeString(), 'last_login_ip' => $request->getClientIp() ]); } |
And, that’s it! Here’s what we have in users table after log in:
Do I have to set last_login_at as protected $dates?
Depends on how you use it later, if you want it to be used as Carbon object by default, then yes.
What other things may be interesting to collect that you could collect on Login? I really like this! Thank you!
You can collect anything that comes within Request class, or maybe even build some custom logic here. It’s pretty flexible.
When a password reset is performed the user is automatically logged in. This method is then not triggered. An event listener is maybe a better solution or what do you think?
Hi Leslie, same thing about registering – user is automatically logged in and this event isn’t triggered. Perhaps you’re right, even listener somewhere “deeper” could be better but you need to know what events to listen to.
hi, how could we get user browser/device data?
Hi, for that I would recommend this package: https://github.com/jenssegers/agent
I hope you guys noticed that the updated_at column gets the same value always as last_login_at column. It shouldn’t be so.
hello sir..
i got current login IP
but i want last login IP
Havent’t tried this but what happens if the user just doesn’t logout instead just closed the browser or tab?