For every request I found that 4 queries are fired to validate the user and the token. Among them one is to fetch the user (select * from user) based on the user id. This queries are fired by Passport/Laravel But what I want is to modify this query to add one status field check also to check if any user become invalid during the token validity period. If we only check with the id then if any user become inactive(By changing status then also we will not be able to stop the user as deleting the token for the user is not a good solution for me).
Queries Fired on every request by Passport Laravel:
select * from oauth_access_tokens where id = ? select * from user where id = ? limit 1 ["2"] select * from oauth_access_tokens where id = ? select * from oauth_clients where id = ?
So, can anyone tell me how to change the 'select * from user where id' query in passport at time of Token validation.
I wouldn't try and modify passports default behaviour as I have no idea what else it might impact both now and in future upgrades.
Your best bet might be to hook into the passport events and apply you business logic to a listener that is called when the events are fired
I am also not planning to chnage its default behaviour. But for authentication passport already allow to extend and use custom method in your model(findForPassport()). This is required becuase database structure can be different.
Now every request Authorization is anything available. Becuase as u can see that passport only checks that the user exist in the database or not but my requirements is to check that e user exist or not along with test the user is valid or not. Because it may possible that during this session admon invalidated that user.
Current implementation I am doing is when tbe user is invalidated I am revoking all his token to stop access.
But is there any better ways?
Please or to participate in this conversation.