Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[11.x] Cache token repository #53428

Merged
merged 6 commits into from
Nov 8, 2024
Merged

[11.x] Cache token repository #53428

merged 6 commits into from
Nov 8, 2024

Conversation

browner12
Copy link
Contributor

Password reset tokens are a relatively short lived entity. Currently our only framework option is for them to be stored in the database. This is an okay option, but it's slightly annoying because it's another table to maintain, and makes it more difficult for Laravel to make desired adjustment if they require a schema change.

This PR proposes a new CacheTokenRepository which will allow the password reset tokens to be handled via cache. IMO cache is a perfect storage medium because it can be more ephemeral, just like the password reset tokens.

To enable this new CacheTokenRepository, adjust your config/auth.php like so:

'passwords' => [

    //new cache driver
    'customers' => [
        'driver'   => 'cache',
        'store'    => 'passwords',
        'provider' => 'customers',
        'expire'   => 60,
        'throttle' => 60,
    ],

   //default old database driver
    'users'     => [
        'provider' => 'users',
        'table'    =>'password_reset_tokens',
        'expire'   => 60,
        'throttle' => 60,
    ],
],

The driver key will activate the new "cache" driver. The store key is optional, although I would recommend creating a dedicated cache store for your password resets to prevent flushing your password resets when refreshing your normal cache. The expire and throttle key behave as before.

If your application has multiple "providers" that all use email as their identifier, you also get the added benefit of being able to place them on separate cache stores, thus avoiding an unlikely but possible collision.

@browner12
wip
b5050e6
@browner12
Update CacheTokenRepository.php
5fccb8b 
- store the carbon date as a formatted string
- use the existing `delete()` method
- simplify constructor and properties
@browner12
Update PasswordBrokerManager.php
a034701 
have the `PasswordBrokerManager` pass in expiration as seconds
@browner12
styling
3803b2e
@browner12
minor styling
68d5307
@browner12
check for set "driver" key
e98e0f3
@taylorotwell taylorotwell merged commit 988de8a into laravel:11.x Nov 8, 2024
31 checks passed
@browner12 browner12 deleted the AB-cache-token-repository branch November 8, 2024 06:46
@browner12 browner12 mentioned this pull request Nov 8, 2024
Closed
@browner12 browner12 mentioned this pull request Nov 19, 2024
Draft
@blumilk-renovate blumilk-renovate bot mentioned this pull request Dec 3, 2024
Merged
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@browner12 @taylorotwell