Support the ongoing development of Laravel.io →
Authentication Architecture

I need to implement a "last seen" timestamp in laravel, so if your authenticated, and make a request to the application, we have an indicator of when you were last online. The most obvious approach is to have a snippet of code which sets a "last_access" column with the current time on the auth'd user, however i'm not 100% sure where the best place to put such an update in the execution tree of the application.

Note: I'm not too fussed about the extra database call, i'll actually be caching the timestamps to redis.

I have a couple of ideas on where to implement it but i'm looking for some validation on the ideas, from the more experienced laravel devs.

  1. My first thought was to implement a middleware. I know rate limiting is a suggested use for middlewares, but i'm not sure if it's a good use case of them for "last online". I also don't know yet if the Authentication stuff has even run at that point, but i'm assuming the hardcoded SessionMiddleware runs before any custom ones.

  2. I could implement it as an App::filter, but that seem's a bit hacky, since i'm not really filtering

  3. I have a route prefix of "v1" which i could attach the update too via filters, but this seems even more hacky

  4. My last idea is theorhetical in that i don't know if the events exist. But if there is some sort of event that is fired such as "authed" i could hook into that using an event subscriber. Or if there's not an "event" as such, if there's some sort of post auth method caller (i.e. push functions onto a stack "somewhere" that is iterated after a successful auth).

So far, i'm pretty sure, 3 is just a plain bad idea, 2 would be the quickest to "jsut get it done" but probably isn't a good use case of filters.

4 seems like it could be the correct method, since im more concerned about the auth/session more so than the request itself (which is what i perceive middlewares to be concerned with)

1 seems like a viable fallback if 4 is not possible due to laravel not having any usable post-auth hooks (need to look more in-depth at source, but couldn't find any so far).

Anyone have any advice/suggestions on this?

Last updated 3 years ago.
0

Sign in to participate in this thread!

Eventy

Your banner here too?

Moderators

We'd like to thank these amazing companies for supporting us

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

© 2025 Laravel.io - All rights reserved.