Merge pull request #413 from directus/last_access

Rename last_login to last_access, track on api use
2026-01-29 11:48:15 -05:00 · 2020-09-23 18:50:34 -04:00
parent e910d0f83f 959491c4a4
commit b06140fc68
2 changed files with 5 additions and 12 deletions
--- a/api/src/database/seeds/01-tables/03-users.yaml
+++ b/api/src/database/seeds/01-tables/03-users.yaml
@@ -59,7 +59,7 @@ columns:
  token:
    type: string
    length: 255
-  last_login:
+  last_access:
    type: timestamp
  last_page:
    type: string
--- a/api/src/middleware/authenticate.ts
+++ b/api/src/middleware/authenticate.ts
@@ -49,13 +49,9 @@ const authenticate: RequestHandler = asyncHandler(async (req, res, next) => {
 			throw new InvalidCredentialsException();
 		}

-		/** @TODO verify user status */
-
 		req.accountability.user = payload.id;
 		req.accountability.role = user.role;
 		req.accountability.admin = user.admin_access === true || user.admin_access == 1;
-
-		return next();
 	} else {
 		// Try finding the user with the provided token
 		const user = await database
@@ -77,13 +73,10 @@ const authenticate: RequestHandler = asyncHandler(async (req, res, next) => {
 		req.accountability.admin = user.admin_access === true || user.admin_access == 1;
 	}

-	/**
-	 * @TODO
-	 * Implement static tokens
-	 *
-	 * @NOTE
-	 * We'll silently ignore wrong tokens. This makes sure we prevent brute-forcing static tokens
-	 */
+	if (req.accountability?.user) {
+		await database('directus_users').update({ last_access: new Date() }).where({ id: req.accountability.user });
+	}
+
 	return next();
 });