Skip to content
Laravel Auth Checker allows you to log users authentication, devices authenticated from and lock intrusions.
Branch: master
Clone or download
Fetching latest commit…
Cannot retrieve the latest commit at this time.
Type Name Latest commit message Commit time
Failed to load latest commit information.
config 🔖 1.3.0 Sep 5, 2019
tests For user relation use morphTo Dec 20, 2019

Laravel Auth Checker

Build Status Scrutinizer Code Quality

Laravel Auth Checker is a plugin to collect login info and devices used when a user authenticates. It makes it easy to catch user authentication attempts and lockouts from new IP address or new devices.

Example logins table


  • Laravel 6.0
  • PHP >= 7.2

See 1.2 branch for Laravel < 6 See 1.1 branch for Laravel < 5.7


  • Require it with Composer:
composer require lab404/laravel-auth-checker
  • Add to your User model the Lab404\AuthChecker\Models\HasLoginsAndDevices trait and the Lab404\AuthChecker\Interfaces\HasLoginsAndDevicesInterface interface.
use Lab404\AuthChecker\Models\HasLoginsAndDevices;
use Lab404\AuthChecker\Interfaces\HasLoginsAndDevicesInterface;

class User extends Authenticatable implements HasLoginsAndDevicesInterface
    use Notifiable, HasLoginsAndDevices;  
  • Publish migrations and migrate your database:
php artisan vendor:publish --tag=auth-checker
php artisan migrate

Note: Migrations are published in case you need to customize migration timestamps to integrate to your existing project.

Access collected data

This library collects login data and devices data about your users.


// Your user model:
$logins = $user->logins;
// Output: 
        'ip_address' => '',
        'device_id' => 1, // ID of the used device
        'type' => 'auth',
        'device' => [
            // See Devices
        'created_at' => '2017-03-25 11:42:00',
    // ... and more

Also, you can directly access logins by their type:

  • $user->auths, returns successful logins (via Login::TYPE_LOGIN)
  • $user->fails, returns failed logins (via Login::TYPE_FAILED)
  • $user->lockouts, returns locked out logins (via Login::TYPE_LOCKOUT)


// Your user model:
$devices = $user->devices;
// Outputs:
        'platform' => 'OS X',
        'platform_version' => '10_12_2',
        'browser' => 'Chrome',
        'browser_version' => '54',
        'is_desktop' => true,
        'is_mobile' => false,
        'language' => 'fr-fr',
        'login' => [
          // See logins
    // ... and more


  • Log user authentication
  • Collect IP addresses
  • Collect devices
  • Get user's login history
  • Get devices history
  • Capture failed logins
  • Capture lockout logins
  • Trust / Untrust devices
  • Notify user when an unknown device log in


There are many events available that can be used to add features to your app:

  • LoginCreated is fired when a user authenticates.
  • DeviceCreated is fired when a new device is created for a user.
  • FailedAuth is fired when a user fails to log in.
  • LockoutAuth is fired when authentication is locked for a user (too many attempts).

Each event passes a Login model and a Device model to your listeners.

Practical usage

Once the trait HasLoginsAndDevices is added to your User model, it is extended with these methods:

  • logins() returns all logins
  • auths() returns all successful login attemps
  • fails() returns all failed login attempts
  • lockouts() returns all lockouts

Each login returned is associated with the Device model used.

  • devices() returns all devices used by the user to authenticate.






You can’t perform that action at this time.