Merge branch '2.x'

# Conflicts: # CHANGELOG.md
laravel · Dec 14, 2021 · 8a39bd8 · 8a39bd8
2 parents 3eb4d1a + b4c07d0
commit 8a39bd8
Show file tree

Hide file tree

Showing 4 changed files with 51 additions and 4 deletions.
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -1,6 +1,12 @@
 # Release Notes
 
-## [Unreleased](https://github.com/laravel/sanctum/compare/v2.12.2...master)
+## [Unreleased](https://github.com/laravel/sanctum/compare/v2.13.0...master)
+
+
+## [v2.13.0 (2021-12-14)](https://github.com/laravel/sanctum/compare/v2.12.2...v2.13.0)
+
+### Added
+- Add an event on successful token validation ([#327](https://github.com/laravel/sanctum/pull/327), [b656bc1](https://github.com/laravel/sanctum/commit/b656bc1cc0010d0ac00f00dbc88b02a8940f8860))
 
 
 ## [v2.12.2 (2021-11-16)](https://github.com/laravel/sanctum/compare/v2.12.1...v2.12.2)

diff --git a/src/Events/TokenAuthenticated.php b/src/Events/TokenAuthenticated.php
@@ -0,0 +1,24 @@
+<?php
+
+namespace Laravel\Sanctum\Events;
+
+class TokenAuthenticated
+{
+    /**
+     * The personal access token that was authenticated.
+     *
+     * @var \Laravel\Sanctum\PersonalAccessToken
+     */
+    public $token;
+
+    /**
+     * Create a new event instance.
+     *
+     * @param  \Laravel\Sanctum\PersonalAccessToken  $token
+     * @return void
+     */
+    public function __construct($token)
+    {
+        $this->token = $token;
+    }
+}
diff --git a/src/Guard.php b/src/Guard.php
@@ -5,6 +5,7 @@
 use Illuminate\Contracts\Auth\Factory as AuthFactory;
 use Illuminate\Http\Request;
 use Illuminate\Support\Arr;
+use Laravel\Sanctum\Events\TokenAuthenticated;
 
 class Guard
 {
@@ -70,6 +71,12 @@ public function __invoke(Request $request)
                 return;
             }
 
+            $tokenable = $accessToken->tokenable->withAccessToken(
+                $accessToken
+            );
+
+            event(new TokenAuthenticated($accessToken));
+
             if (method_exists($accessToken->getConnection(), 'hasModifiedRecords') &&
                 method_exists($accessToken->getConnection(), 'setRecordModificationState')) {
                 tap($accessToken->getConnection()->hasModifiedRecords(), function ($hasModifiedRecords) use ($accessToken) {
@@ -81,9 +88,7 @@ public function __invoke(Request $request)
                 $accessToken->forceFill(['last_used_at' => now()])->save();
             }
 
-            return $accessToken->tokenable->withAccessToken(
-                $accessToken
-            );
+            return $tokenable;
         }
     }
 

diff --git a/tests/GuardTest.php b/tests/GuardTest.php
@@ -7,8 +7,10 @@
 use Illuminate\Contracts\Auth\Factory as AuthFactory;
 use Illuminate\Database\Eloquent\Model;
 use Illuminate\Http\Request;
+use Illuminate\Support\Facades\Event;
 use Illuminate\Support\Str;
 use Laravel\Sanctum\Contracts\HasApiTokens as HasApiTokensContract;
+use Laravel\Sanctum\Events\TokenAuthenticated;
 use Laravel\Sanctum\Guard;
 use Laravel\Sanctum\HasApiTokens;
 use Laravel\Sanctum\PersonalAccessToken;
@@ -254,6 +256,10 @@ public function test_authentication_with_token_fails_if_user_provider_is_invalid
         $factory = $this->app->make(AuthFactory::class);
         $requestGuard = $factory->guard('sanctum');
 
+        Event::fake([
+            TokenAuthenticated::class,
+        ]);
+
         $request = Request::create('/', 'GET');
         $request->headers->set('Authorization', 'Bearer test');
 
@@ -275,6 +281,7 @@ public function test_authentication_with_token_fails_if_user_provider_is_invalid
 
         $this->assertNull($returnedUser);
         $this->assertInstanceOf(EloquentUserProvider::class, $requestGuard->getProvider());
+        Event::assertNotDispatched(TokenAuthenticated::class);
     }
 
     public function test_authentication_is_successful_with_token_if_user_provider_is_valid()
@@ -288,6 +295,10 @@ public function test_authentication_is_successful_with_token_if_user_provider_is
         $factory = $this->app->make(AuthFactory::class);
         $requestGuard = $factory->guard('sanctum');
 
+        Event::fake([
+            TokenAuthenticated::class,
+        ]);
+
         $request = Request::create('/', 'GET');
         $request->headers->set('Authorization', 'Bearer test');
 
@@ -309,6 +320,7 @@ public function test_authentication_is_successful_with_token_if_user_provider_is
 
         $this->assertEquals($user->id, $returnedUser->id);
         $this->assertInstanceOf(EloquentUserProvider::class, $requestGuard->getProvider());
+        Event::assertDispatched(TokenAuthenticated::class);
     }
 
     public function test_authentication_fails_if_callback_returns_false()