I've Solved My problem This way : Step1 - In EventServiceProvider should change the path to the Access Token createdn and also refresh token created :
protected $listen = [
'Laravel\Passport\Events\AccessTokenCreated' => [
'App\Listeners\RevokeOldTokens',
],
'Laravel\Passport\Events\RefreshTokenCreated' => [
'App\Listeners\PruneOldTokens',
],
];
Step2- generate this two listeners events :
php artisan event:generate
Step3- Modify AccessTokenCreated & RefreshTokenCreated event handle methods :
namespace App\Listeners;
use Laravel\Passport\Events\AccessTokenCreated;
use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Contracts\Queue\ShouldQueue;
use DB;
class RevokeOldTokens
{
/**
* Create the event listener.
*
* @return void
*/
public function __construct()
{
//
}
/**
* Handle the event.
*
* @param AccessTokenCreated $event
* @return void
*/
public function handle(AccessTokenCreated $event)
{
DB::table('oauth_access_tokens')
->where('id', '<>', $event->tokenId)
->where('user_id', $event->userId)
->where('client_id', $event->clientId)
->update(['revoked' => true]);
}
}
<?php
namespace App\Listeners;
use Laravel\Passport\Events\RefreshTokenCreated;
use Illuminate\Queue\InteractsWithQueue;
use Illuminate\Contracts\Queue\ShouldQueue;
use DB;
class PruneOldTokens
{
/**
* Create the event listener.
*
* @return void
*/
public function __construct()
{
//
}
/**
* Handle the event.
*
* @param RefreshTokenCreated $event
* @return void
*/
public function handle(RefreshTokenCreated $event)
{
DB::table('oauth_refresh_tokens')
->where('id', '<>', $event->refreshTokenId)
->where('access_token_id', '<>', $event->accessTokenId)
->update(['revoked' => true]);
}
}
After This steps if I send any request to my project it will check for tokens and if there is another token it will revoke it and make it unathorized.
Sign in to participate in this thread!
The Laravel portal for problem solving, knowledge sharing and community building.
The community