I'm trying to perform an action the first time a user logs into my api. I'm using Laravel 6.2 with Passport via the password grant authorization method.
My user model has the following fields.
id,
username,
display_name,
firstname,
lastname,
display_picture,
locked,
email,
last_login,
created_at,
updated_at,
deleted_at
Initially I thought the best place to initiate that would be right before the login token is sent to the user, however as the user has never logged in before the last_login field would be null. However the problem is because the token is never sent back to the user at this stage I have no way of confirming the users' token when they get to the create stage. So my request guard doesn't have the logged in user information.
Auth()->guard('api')->user();
i.e. that returns null. Any idea on how I could accomplish this?
This answer is not Laravel-specific, but your question reminded me of a problem I solved some time ago.
What I did was implemented a last_seen field on the user object - this field was not populated upon user creation, or account validation. It was instead populated on log-in and meaningful activity if the cookie is old.
If this field was empty when the user logged in, instead of sending them to the user area, I sent them to the tutorial and then updated the field - if the field was already populated, then I simply updated the field and sent them along to the user area.
This same field could be replaced with a calculated variable assuming user actions are logged in any meaningful way.
Plus, this is a useful value both for deactivating unused accounts and "status" if the platform is social.