Skip to content

[11.x] Cache token repository#53428

Merged
taylorotwell merged 6 commits into
laravel:11.xfrom
browner12:AB-cache-token-repository
Nov 8, 2024
Merged

[11.x] Cache token repository#53428
taylorotwell merged 6 commits into
laravel:11.xfrom
browner12:AB-cache-token-repository

Conversation

@browner12
Copy link
Copy Markdown
Contributor

@browner12 browner12 commented Nov 6, 2024

Password reset tokens are a relatively short lived entity. Currently our only framework option is for them to be stored in the database. This is an okay option, but it's slightly annoying because it's another table to maintain, and makes it more difficult for Laravel to make desired adjustment if they require a schema change.

This PR proposes a new CacheTokenRepository which will allow the password reset tokens to be handled via cache. IMO cache is a perfect storage medium because it can be more ephemeral, just like the password reset tokens.

To enable this new CacheTokenRepository, adjust your config/auth.php like so:

'passwords' => [

    //new cache driver
    'customers' => [
        'driver'   => 'cache',
        'store'    => 'passwords',
        'provider' => 'customers',
        'expire'   => 60,
        'throttle' => 60,
    ],

   //default old database driver
    'users'     => [
        'provider' => 'users',
        'table'    =>'password_reset_tokens',
        'expire'   => 60,
        'throttle' => 60,
    ],
],

The driver key will activate the new "cache" driver. The store key is optional, although I would recommend creating a dedicated cache store for your password resets to prevent flushing your password resets when refreshing your normal cache. The expire and throttle key behave as before.

If your application has multiple "providers" that all use email as their identifier, you also get the added benefit of being able to place them on separate cache stores, thus avoiding an unlikely but possible collision.

@browner12
wip
b5050e6
@browner12
Update CacheTokenRepository.php
5fccb8b 
- store the carbon date as a formatted string
- use the existing `delete()` method
- simplify constructor and properties
@browner12
Update PasswordBrokerManager.php
a034701 
have the `PasswordBrokerManager` pass in expiration as seconds
@browner12
styling
3803b2e
@browner12
minor styling
68d5307
@browner12
check for set "driver" key
e98e0f3
@taylorotwell taylorotwell merged commit 988de8a into laravel:11.x Nov 8, 2024
@browner12 browner12 deleted the AB-cache-token-repository branch November 8, 2024 06:46
@browner12 browner12 mentioned this pull request Nov 8, 2024
Closed
@browner12 browner12 mentioned this pull request Nov 19, 2024
Closed
@blumilk-renovate blumilk-renovate Bot mentioned this pull request Dec 3, 2024
Merged
1 task
browner12 added a commit to browner12/docs that referenced this pull request Jun 24, 2025
@browner12
document the password reset cache driver
c787027 
document laravel/framework#53428

I modeled the wording and organization after the `session.md` docs for hopefully a little consistency.
@browner12 browner12 mentioned this pull request Jun 24, 2025
Merged
taylorotwell added a commit to laravel/docs that referenced this pull request Jul 1, 2025
@browner12 @taylorotwell
[12.x] document the password reset cache driver (#10534)
7fd84ae 
* document the password reset `cache` driver

document laravel/framework#53428

I modeled the wording and organization after the `session.md` docs for hopefully a little consistency.

* add note about how we key the entries

* formatting

---------

Co-authored-by: Taylor Otwell <taylor@laravel.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@browner12 @taylorotwell