Is it possible to know the time and date users have logged in my application or do I need to store this information in my User's table myself? Just wondering if the Authentication procedure has any kind of logs already in place.
yes you have to store login information in separate table so you can make track of user login history.
there is no in built functionality provide by cakephp framework.
You are probably looking for sth like http://www.dereuromark.de/2010/09/17/keeping-track-of-usersguests/
Basically, a table where you trigger an update with each page visit (or with every x one for performance). the created timestamp for a specific session id will tell you when they logged in. last_page_url and clicked_from where they currently are and where they came from etc.
Related
Note: This is likely a duplicate question but I couldn't search for a solution/suggestion for my use case, so if anyone can re-direct me, that would be appreciated.
Problem: I have a NextJS application that runs on Prisma ORM and MySQL database. I am using NextAuth for OAuth authentication for sign up and log in.
So far the application works just fine but I want to check whether a user is logging in for the first time and redirect them to a set up page whether they would input personal details in order to populate a table on the database, so that the app can form a dynamic page based on their newly added information.
On the database, there are the user table (populated by NextAuth immediately at login) and the profile table.
Under NextAuth, the user table is populated automatically with the account's user name and email etc. However, that is not a unique entry and NextJS getStaticPath requires a unique entry to generate a dynamic page. That's why I have created the profile table to allow users to add their custom username where the dynamic URL will be generated (e.g. localhost:3000/u/[slug])
Here's my question - I want to check that the user is first time logging in and send a form for them to fill out the necessary information to input data onto the profile table, otherwise they would go straight to their profile homepage. What is the best way to check that and to redirect them to that form page?
Do I do it at server side with getServerSideProps by checking that the id from user table is missing from the profile table and do a redirect? Or is there some method that's customarily used to implement this "initial set-up" procedure?
I need to do the following tasks in CakePHP 3:
Logout users manually
Limit the number of sessions to one per user
I'm using database sessions to accomplish that. Is it possible to save additional data in sessions table? If yes, could you give me an example please?
The session database model is a cake model like all the other models, which means you can interact with it, in the same way, by adding new columns to that table and/or deleting sessions if needed. Use the model object to update delete entities in that table (I assume you're talking about cakephp 3.x)
Limiting the number of sessions to one per user can be tricky as sessions are created even if a user is not logged in. So you will have "user-less" sessions in your database as well.
Suggested way to tackle this
When a user logs in, get the current session ID and find the row in the session table that needs to be updated to include the username
At this time you may also want to delete the other rows that have the same user name, effectively destroying all the other sessions for this user.
I have my own login form for my website. In addition I have also added google and facebook login.
My question is should I add those user data that's login from (fb or google) into my own userdata table or create a different one each for google and facebook.
1) If I add to my existing one, the password column would be left blank(as fb do not provide one) and anyone who knows the email will be able to access it easily.
2) And if I make different table then I think it will become little complicated or slower when trying to access a user data from across the different table.
What's the best choice of doing it or any other method that's better than this?
Make sure users have to enter a password when they login with Facebook/Google, or make sure regular users do not use a blank password - users without a password can only login with the Facebook/Google API.
DonĀ“t create a separate table, it will only get more complicated. Extend the existing one with IDs (from Facebook and Google).
I'm building a Laravel website and I'm using the database driver to manage sessions. I created the sessions table in database and migrated with php artisan. Everything works as expected.
What I really want to do now is to check the role of the users that are online but I don't know how to get this with the fields of the sessions table in the database.
I don't really understand how the sessions table work, because I see that it registers a new row when I access to the login page, but it doesn't change when the user has logged in and when the user has logged out.
All I wanted is to check the role of the users active in the app....
Someone can help me with how to get to this?
Thank you!
I suggest you a very simple way. Just in your users table add a field called "is_online" that is 0 by default. When the user logs in , just change it to 1 and when he logs out change it back to 0. So DB::table('users')->where('is_online' , 1)->all() returns the online users.
i want to create a user account using asp page in which only one user can login their account ,if that page is currently logged then no one can log in that page after log out only another user can log in that account
This may give you glimps, in database you may add a table UserLogin with two fields UserId, IsLogin. While loggin in any user check for islogin status if it returns true then dont allow user to login. If returns false then allow user to get login. After successful login switch islogin state true.
Hope I have understand your question.
Darshan Joshi's answer is one way to do it, and if you have a simple enough application it may be sufficient.
Depending on the specifics of your application, you might want to think about different angles.
For example: If more than one distinct page needs to only take one user at a time, I would think about creating a new table with a record for each of these pages. This way, you can set a page as logged-in/in-use using the user's unique ID when someone logs in or access the page. When the user logs out/leaves the page (or if their ASP Session expires- users do not always log out cleanly!) you can "unlock" the page again. Not only that, you might reduce database load by searching specifically for the page record rather than any user with a logged-in flag.