Saturday, 2 February 2019

How to modify “remember me” expired time in Laravel?

In this article, we will be discussing the way you can easily customize the default expiration time of remember me token in Laravel. We would also be getting to know the default value of expiration time of remember me token in Laravel.




How to modify “remember me” expired time in Laravel?
How to modify “remember me” expired time in Laravel? | Full Stack Geek



Introduction:

As we all know, Laravel, as of 2019 is a leading PHP Framework and stands higher in the list of Best PHP Frameworks (2019) and a lot of people are using it for their projects. Now Suppose, in your project, you are using Laravel's php artisan make:auth to handle authentication related aspects and now you want to manually customize the expiration time of remember-me token as per your project's needs. To tackle with this, we would be seeing the procedure using which you can easily modify the default value of expiration time of remember me token in Laravel.

The Default value of expiration time of remember me token in Laravel:

Before moving on to customizing the expiration time of the remember-me token, let us see the default expiration time of the remember-me token.

Default value of expiration time of remember me token in Laravel
The default value of expiration time of remember me token in Laravel | Full Stack Geek

As you can see, it is, by default set to five(5) years and that's literally huge and hence you may want to customize it according to the needs of your project and we will be seeing how to do this in this article.

Suggested Read: Redis vs MySQL Benchmarks


Stepwise Procedure to Modify the token's Expiration Time:

Let us suppose, you want to set the expiration time of remember-me token to 10 minutes. Below is the step wise procedure you can follow.

[Customizing token's Expiration Time] Step One:

Head over to app/Http/Controllers/Auth/ in your project's directory and open LoginController.php file, you would see something similar to this:

<?php  
 namespace App\Http\Controllers\Auth;  
 use App\Http\Controllers\Controller;  
 use Illuminate\Foundation\Auth\AuthenticatesUsers;  
 class LoginController extends Controller  
 {  
   /*  
   |--------------------------------------------------------------------------  
   | Login Controller  
   |--------------------------------------------------------------------------  
   |  
   | This controller handles authenticating users for the application and  
   | redirecting them to your home screen. The controller uses a trait  
   | to conveniently provide its functionality to your applications.  
   |  
   */  
   use AuthenticatesUsers;  
   /**  
    * Where to redirect users after login.  
    *  
    * @var string  
    */  
   protected $redirectTo = '/home';  
   /**  
    * Create a new controller instance.  
    *  
    * @return void  
    */  
   public function __construct()  
   {  
     $this->middleware('guest')->except('logout');  
   }  
 }  
    


You can easily observe that LoginController.php uses AuthenticatesUsers.php trait and you just need to override a method of this trait into your LoginController.php file.

[Customizing token's Expiration Time] Step Two:

In AuthenticatesUsers.php trait, you would find a protected method sendLoginResponse something similar to this:
 /**  
    * Send the response after the user was authenticated.  
    *  
    * @param \Illuminate\Http\Request $request  
    * @return \Illuminate\Http\Response  
    */  
   protected function sendLoginResponse(Request $request)  
   {  
     $request->session()->regenerate();  
     $this->clearLoginAttempts($request);  
     return $this->authenticated($request, $this->guard()->user())  
         ?: redirect()->intended($this->redirectPath());  
   } 
    


Now, You need to override this function and to do this, just copy the function sendLoginResponse(Request $request) and simply add it to your LoginController.php. Your LoginController.php would look something similar to this:

<?php  
 namespace App\Http\Controllers\Auth;  
 use App\Http\Controllers\Controller;  
 use Illuminate\Foundation\Auth\AuthenticatesUsers;  
 use Illuminate\Http\Request;  
 use Illuminate\Support\Facades\Auth;  
 use Illuminate\Support\Facades\Cookie;  
 class LoginController extends Controller  
 {  
   /*  
   |--------------------------------------------------------------------------  
   | Login Controller  
   |--------------------------------------------------------------------------  
   |  
   | This controller handles authenticating users for the application and  
   | redirecting them to your home screen. The controller uses a trait  
   | to conveniently provide its functionality to your applications.  
   |  
   */  
   use AuthenticatesUsers;  
   /**  
    * Where to redirect users after login.  
    *  
    * @var string  
    */  
   protected $redirectTo = '/home';  
   /**  
    * Create a new controller instance.  
    *  
    * @return void  
    */  
   public function __construct()  
   {  
     $this->middleware('guest')->except('logout');  
   }  
   protected function sendLoginResponse(Request $request) {  
     $request->session()->regenerate();  
     $this->clearLoginAttempts($request);  
     return $this->authenticated($request, $this->guard()->user())  
       ?: redirect()->intended($this->redirectPath());  
   }  
 } 
    


[Customizing token's Expiration Time] Step Three:

Now, In your LoginController.php file, Just replace the definition of sendLoginResponse() method with this:

protected function sendLoginResponse(Request $request) {  
     $customRememberMeTimeInMinutes = 10;  
     $rememberTokenCookieKey = Auth::getRecallerName();  
     Cookie::queue($rememberTokenCookieKey, Cookie::get($rememberTokenCookieKey), $customRememberMeTimeInMinutes);  
     $request->session()->regenerate();  
     $this->clearLoginAttempts($request);  
     return $this->authenticated($request, $this->guard()->user())  
         ?: redirect()->intended($this->redirectPath());  
   } 
    


Here, the variable $customRememberMeTimeInMinutes will have the value equal to the expiration time of the remember-me token you want to set (In Minutes). After doing this, simply attempt login into your project while keeping Remember Me checkbox checked, You will be able to see that the new expiration time of the remember-me token is now only 10 minutes instead of 5 years.

How to modify “remember me” expired time in Laravel?
How to modify “remember me” expired time in Laravel? | Full Stack Geek




Liked this blog? Don't miss out on any future blog posts by Subscribing Here or you can also like our Facebook Page or follow us on Twitter

No comments:

Post a comment