New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Update last_used_at in terminable middleware #141
Comments
Hi, in your
After that, you need to create new folders In the copied file, need to change the last return from method
And finally, run Be carefully in the future when you update this package, you need to check if original file of your custom file don't have a changes. |
Thanks, but this is not an option for me :) |
You can overwrite the |
done |
A complete solution to this
<?php
namespace App\Http\Middleware;
use Closure;
use Illuminate\Http\Request;
class UpdatePersonalAccessToken
{
public function handle(Request $request, Closure $next)
{
$response = $next($request);
$request->user()?->currentAccessToken()?->setRawAttributes(['last_used_at' => now()])->save();
return $response;
}
}
<?php
class Kernel extends HttpKernel
{
...
protected $middlewarePriority = [
...other middlewares,
UpdatePersonalAccessToken::class
];
}
<?php
namespace App\Models;
use Illuminate\Database\Eloquent\Casts\Attribute;
use Laravel\Sanctum\PersonalAccessToken as SanctumPersonalAccessToken;
class PersonalAccessToken extends SanctumPersonalAccessToken
{
protected function lastUsedAt(): Attribute
{
// We need to set it to the same value as the original so the `UPDATE` won't execute
return Attribute::make(
set: fn () => $this->getOriginal('last_used_at')
);
}
}
<?php
namespace App\Providers;
use App\Models\PersonalAccessToken;
use Illuminate\Support\ServiceProvider;
use Laravel\Sanctum\Sanctum;
class AppServiceProvider extends ServiceProvider
{
public function boot()
{
Sanctum::usePersonalAccessTokenModel(PersonalAccessToken::class);
}
} |
I'm working on an application where we have a MySql database cluster that's running in replica, one Reader and one Write. Our API is optimized as much as possible to handle high traffic, and (at least for GET endpoints) we strive to only "Read" data from database (where possible - moving and write in terminable middleware), but after switching to sanctum authorization mechanism, this principle (GET only Read data from reader replica) is not applied anymore, hitting also the Writer replica, before API send back the response.
I'm wondering if we can move the sanctum last_used_at property update on a terminable middleware, to avoid this matter.
Thanks.
The text was updated successfully, but these errors were encountered: