Sospeter Mong'areTo extend auditing in your Laravel application to include user login and logout events using the owen-it/laravel-auditing package, follow these steps:
Package link: Laravel Auditing
1. Install the Package:
If you haven't installed the owen-it/laravel-auditing package, run the following command:
composer require owen-it/laravel-auditing
After installation, publish the config file:
php artisan vendor:publish --provider "OwenIt\Auditing\AuditingServiceProvider" --tag="config"
2. Enable Auditing in the User Model:
In your User model, make sure to use the OwenIt\Auditing\Contracts\Auditable trait to enable auditing:
namespace App\Models;
use Illuminate\Foundation\Auth\User as Authenticatable;
use OwenIt\Auditing\Contracts\Auditable;
class User extends Authenticatable implements Auditable
{
use \OwenIt\Auditing\Auditable;
// Other User model properties and methods
}
3. Customizing Auditable Events for Login and Logout:
By default, owen-it/laravel-auditing audits only the created, updated, deleted, and restored events. To audit login and logout, you will need to manually trigger the audit events on user authentication events (login, logout).
4. Listen to Login and Logout Events:
In Laravel, you can listen to authentication events like Login and Logout. Create event listeners to handle this:
- Create Event Listener for Login and Logout:
Run the following command to create listeners for user login and logout:
php artisan make:listener LogSuccessfulLogin
php artisan make:listener LogSuccessfulLogout
In the app/Listeners/LogSuccessfulLogin.php file, add the following logic to audit login events:
namespace App\Listeners;
use Illuminate\Auth\Events\Login;
class LogSuccessfulLogin
{
public function handle(Login $event)
{
// Log audit for user login
$event->user->auditEvent('login');
}
}
In the app/Listeners/LogSuccessfulLogout.php file, add the following logic to audit logout events:
namespace App\Listeners;
use Illuminate\Auth\Events\Logout;
class LogSuccessfulLogout
{
public function handle(Logout $event)
{
// Log audit for user logout
$event->user->auditEvent('logout');
}
}
- Register the Event Listeners:
Open the app/Providers/EventServiceProvider.php and register the listeners for login and logout events:
Note: For laravel 11.x and above, the events are detected automatically
protected $listen = [
\Illuminate\Auth\Events\Login::class => [
\App\Listeners\LogSuccessfulLogin::class,
],
\Illuminate\Auth\Events\Logout::class => [
\App\Listeners\LogSuccessfulLogout::class,
],
];
- Define Custom Audit Event Names:
To enable custom audit event names (like login and logout), modify the User model's getAuditEvent() method:
use OwenIt\Auditing\Models\Audit;
class User extends Authenticatable implements Auditable
{
use \OwenIt\Auditing\Auditable;
public function auditEvent($event)
{
// Create an audit entry with a custom event (e.g., login, logout)
Audit::create([
'auditable_type' => self::class,
'auditable_id' => $this->id,
'event' => $event,
'url' => request()->fullUrl(),
'ip_address' => request()->ip(),
'user_agent' => request()->userAgent(),
'created_at' => now(),
]);
}
}
5. Migrate the Audit Table:
Make sure you have migrated the audit table if you haven't done so already:
php artisan vendor:publish --provider "OwenIt\Auditing\AuditingServiceProvider" --tag="migrations"
php artisan migrate
6. Testing the Audit for Login and Logout:
Now, every time a user logs in or logs out, an audit event will be logged with a custom event name (login or logout) in the audits table.
7. View the Audit Logs:
You can check the audit logs by querying the audits table or by accessing it programmatically:
$audits = \OwenIt\Auditing\Models\Audit::where('auditable_type', App\Models\User::class)->get();
This will log login and logout events along with the usual created, updated, deleted, and restored events.
