From 4dde62e1cdfc9174ef555d3f1c69db6248c3502a Mon Sep 17 00:00:00 2001 From: nanaya Date: Fri, 24 Nov 2023 18:07:59 +0900 Subject: [PATCH 1/2] Update user last visit on game client access This assumes it's from client iff the token has `*` scope. --- app/Http/Kernel.php | 1 + app/Http/Middleware/UpdateUserLastvisit.php | 32 ++++++++++++--------- 2 files changed, 20 insertions(+), 13 deletions(-) diff --git a/app/Http/Kernel.php b/app/Http/Kernel.php index a45cf05a3df..c6062330a92 100644 --- a/app/Http/Kernel.php +++ b/app/Http/Kernel.php @@ -23,6 +23,7 @@ class Kernel extends HttpKernel Middleware\AuthApi::class, Middleware\SetLocaleApi::class, Middleware\CheckUserBanStatus::class, + Middleware\UpdateUserLastvisit::class, ], 'web' => [ Middleware\StripCookies::class, diff --git a/app/Http/Middleware/UpdateUserLastvisit.php b/app/Http/Middleware/UpdateUserLastvisit.php index 063605a2cc2..b0065ea54e6 100644 --- a/app/Http/Middleware/UpdateUserLastvisit.php +++ b/app/Http/Middleware/UpdateUserLastvisit.php @@ -24,24 +24,30 @@ public function handle($request, Closure $next) $user = $this->auth->user(); if ($user !== null) { - $isInactive = $user->isInactive(); + $token = $user->token(); + $shouldUpdate = $token === null || in_array('*', $token->scopes, true); - if ($isInactive) { - $isVerified = $user->isSessionVerified(); - } + if ($shouldUpdate) { + $isInactive = $user->isInactive(); + if ($isInactive) { + $isVerified = $user->isSessionVerified(); + } - if (!$isInactive || $isVerified) { - $recordedLastVisit = $user->getRawAttribute('user_lastvisit'); - $currentLastVisit = time(); + if (!$isInactive || $isVerified) { + $recordedLastVisit = $user->getRawAttribute('user_lastvisit'); + $currentLastVisit = time(); - if ($currentLastVisit - $recordedLastVisit > 300) { - $user->update([ - 'user_lastvisit' => $currentLastVisit, - ], ['skipValidations' => true]); + if ($currentLastVisit - $recordedLastVisit > 300) { + $user->update([ + 'user_lastvisit' => $currentLastVisit, + ], ['skipValidations' => true]); + } } - } - $this->recordSession($request); + if ($token === null) { + $this->recordSession($request); + } + } } return $next($request); From 07a15a7cb1949ed100a47544972117c9452bba1a Mon Sep 17 00:00:00 2001 From: nanaya Date: Fri, 24 Nov 2023 20:50:27 +0900 Subject: [PATCH 2/2] Change to check password client type instead --- app/Http/Middleware/AuthApi.php | 1 + app/Http/Middleware/UpdateUserLastvisit.php | 2 +- 2 files changed, 2 insertions(+), 1 deletion(-) diff --git a/app/Http/Middleware/AuthApi.php b/app/Http/Middleware/AuthApi.php index 72c46653816..592c1ef5a17 100644 --- a/app/Http/Middleware/AuthApi.php +++ b/app/Http/Middleware/AuthApi.php @@ -79,6 +79,7 @@ private function validTokenFromRequest($psr) throw new AuthenticationException('invalid token'); } + $token->setRelation('client', $client); $token->validate(); $user = $token->getResourceOwner(); diff --git a/app/Http/Middleware/UpdateUserLastvisit.php b/app/Http/Middleware/UpdateUserLastvisit.php index b0065ea54e6..a817773224a 100644 --- a/app/Http/Middleware/UpdateUserLastvisit.php +++ b/app/Http/Middleware/UpdateUserLastvisit.php @@ -25,7 +25,7 @@ public function handle($request, Closure $next) if ($user !== null) { $token = $user->token(); - $shouldUpdate = $token === null || in_array('*', $token->scopes, true); + $shouldUpdate = $token === null || $token->client->password_client; if ($shouldUpdate) { $isInactive = $user->isInactive();