bibrkacity / sanctum_session
Supporting work with variables related to Sanctum token
Requires
- php: ^8.2
- illuminate/support: ^11.0|^12.0|^13.0
- laravel/framework: ^13.0 || ^12.1
README
Support for working with variables tied to a Sanctum token in Laravel. It can be called a "Sanctum Session". It can be useful, for example, for storing user preferences or user-specific data.
Installation
- Run
  composer require bibrkacity/sanctum_session
  from the root of your project.
- Run
  php artisan vendor:publish --provider="Bibrkacity\SanctumSession\SanctumSessionServiceProvider"
  from the root of your project.
- Run
  php artisan migrate
  from the root of your project.
Usage
The alias SanctumService is available in your project after installation. The token to pass as an argument to the methods can be taken from the request:
$token = request()->bearerToken(); // or $token = $request->bearerToken();
Available types of variables:
- string
- integer
- float
- boolean
- array
- object
- json
The alias SanctumService has static methods for working with the Sanctum session variables:
| Method | Arguments | Description |
|---|---|---|
| has() | string $token, string $key | Checking if a variable with name=$key exists in the Sanctum session |
| get() | string $token, string $key, mixed $default | Getting a variable from the Sanctum session |
| getAll() | string $token | Getting all variables from the Sanctum session |
| put() | string $token, string $key, string $type, mixed $value | Setting a variable in the Sanctum session |
| forget() | string $token, string $key | Removing a variable from the Sanctum session |
| forgetAll() | string $token | Removing all variables from the Sanctum session |
Examples
- Middleware for getting/setting the locale using the Sanctum session:

```php
<?php

namespace App\Http\Middleware;

use SanctumSession;
use Closure;
use Illuminate\Http\Request;
use Symfony\Component\HttpFoundation\Response;

class SetLocale
{
    /**
     * Handle an incoming request.
     *
     * @param  \Closure(\Illuminate\Http\Request): (\Symfony\Component\HttpFoundation\Response)  $next
     */
    public function handle(Request $request, Closure $next): Response
    {
        $supportedLocales = config('app.supported_locales');
        $defaultLocale = config('app.locale');

        $locale = $request->input('locale');

        // Strict comparison: request input can be a non-string (for example JSON true),
        // which a loose in_array() would treat as matching any supported locale.
        if ($locale && in_array($locale, $supportedLocales, true)) {
            // Locale passed explicitly in the request
            app()->setLocale($locale);
        } elseif (SanctumSession::has($request->bearerToken(), 'locale')) {
            // Locale stored earlier for this token; re-validate before using it
            $sessionLocale = SanctumSession::get($request->bearerToken(), 'locale');
            app()->setLocale(
                in_array($sessionLocale, $supportedLocales, true) ? $sessionLocale : $defaultLocale
            );
        } else {
            app()->setLocale($defaultLocale);
        }

        // Persist only non-default locales; the default needs no stored variable
        $locale = app()->getLocale();
        if ($locale === $defaultLocale) {
            SanctumSession::forget($request->bearerToken(), 'locale');
        } else {
            SanctumSession::put($request->bearerToken(), 'locale', 'string', $locale);
        }

        return $next($request);
    }
}
```
- Middleware for reading the 2FA mark from the Sanctum session:

```php
<?php

namespace App\Http\Middleware;

use App\Enums\VariableNames;
use App\Exceptions\AuthorizationException;
use Closure;
use Illuminate\Http\Request;
use SanctumSession;
use Symfony\Component\HttpFoundation\Response;

class Checking2fa
{
    /**
     * Handle an incoming request.
     *
     * @param  Closure(Request): (Response)  $next
     */
    public function handle(Request $request, Closure $next): Response
    {
        $user = $request->user();

        // Deny by default: a missing variable reads as false
        if ($user->required2fa && (! SanctumSession::get($request->bearerToken(), VariableNames::VERIFIED2FA->value, false))) {
            throw new AuthorizationException('2FA is required for this action', Response::HTTP_FORBIDDEN);
        }

        return $next($request);
    }
}
```

```php
<?php

declare(strict_types=1);

namespace App\Enums;

enum VariableNames: string
{
    case VERIFIED2FA = 'verified2fa';
}
```
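The middleware above only reads the `verified2fa` mark. The endpoint that sets it could look like the following, which is an added illustration and not part of the package or its README. It assumes the route sits behind `auth:sanctum`; `Verify2faController` and the `TotpVerifier` interface are hypothetical names.

```php
<?php

declare(strict_types=1);

namespace App\Http\Controllers;

use App\Contracts\TotpVerifier; // hypothetical: verify(Authenticatable $user, string $code): bool
use App\Enums\VariableNames;
use Illuminate\Http\JsonResponse;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\RateLimiter;
use SanctumSession;
use Symfony\Component\HttpFoundation\Response;

class Verify2faController
{
    public function __construct(private readonly TotpVerifier $totp) {}

    public function __invoke(Request $request): JsonResponse
    {
        $data = $request->validate(['code' => ['required', 'string', 'digits:6']]);
        $user = $request->user();

        // Throttle guesses per user so a 6-digit code cannot be brute-forced.
        $throttle = '2fa:' . $user->getAuthIdentifier();
        if (RateLimiter::tooManyAttempts($throttle, 5)) {
            return response()->json(['message' => 'Too many attempts'], Response::HTTP_TOO_MANY_REQUESTS);
        }

        if (! $this->totp->verify($user, $data['code'])) {
            RateLimiter::hit($throttle, 300); // count the failure, 5-minute decay
            return response()->json(['message' => 'Invalid code'], Response::HTTP_FORBIDDEN);
        }

        RateLimiter::clear($throttle);

        // The mark is bound to this bearer token only, and its value is a
        // server-side constant: nothing from the request body is stored.
        SanctumSession::put($request->bearerToken(), VariableNames::VERIFIED2FA->value, 'boolean', true);

        return response()->json(['verified' => true]);
    }
}
```

Because the variable is stored per token, a token issued by a later login starts without the mark and has to pass this endpoint again.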
Prune old Sanctum session variables
You can prune old session variables by pruning expired tokens. You can prune expired tokens (which have not been used, for example, for 6 hours) by running the command:
php artisan sanctum:prune-expired --hours=6
You can run this command every 6 hours using Schedule:
routes/console.php

```php
<?php

...

Schedule::command('sanctum:prune-expired --hours=6')->everySixHours();
```