From 959491c4a4700451c547f7987de5c14109a57f13 Mon Sep 17 00:00:00 2001
From: rijkvanzanten
Date: Wed, 23 Sep 2020 18:50:00 -0400
Subject: [PATCH] Rename last_login to last_access, track on api use
Fixes #192
---
api/src/database/seeds/01-tables/03-users.yaml | 2 +-
api/src/middleware/authenticate.ts | 15 ++++-----------
2 files changed, 5 insertions(+), 12 deletions(-)
diff --git a/api/src/database/seeds/01-tables/03-users.yaml b/api/src/database/seeds/01-tables/03-users.yaml
index 98e9b9d6eb..cc27841e9b 100644
--- a/api/src/database/seeds/01-tables/03-users.yaml
+++ b/api/src/database/seeds/01-tables/03-users.yaml
@@ -59,7 +59,7 @@ columns:
token:
type: string
length: 255
- last_login:
+ last_access:
type: timestamp
last_page:
type: string
diff --git a/api/src/middleware/authenticate.ts b/api/src/middleware/authenticate.ts
index 04c1b23eea..310e7c7e17 100644
--- a/api/src/middleware/authenticate.ts
+++ b/api/src/middleware/authenticate.ts
@@ -49,13 +49,9 @@ const authenticate: RequestHandler = asyncHandler(async (req, res, next) => {
throw new InvalidCredentialsException();
}
- /** @TODO verify user status */
-
req.accountability.user = payload.id;
req.accountability.role = user.role;
req.accountability.admin = user.admin_access === true || user.admin_access == 1;
-
- return next();
} else {
// Try finding the user with the provided token
const user = await database
@@ -77,13 +73,10 @@ const authenticate: RequestHandler = asyncHandler(async (req, res, next) => {
req.accountability.admin = user.admin_access === true || user.admin_access == 1;
}
- /**
- * @TODO
- * Implement static tokens
- *
- * @NOTE
- * We'll silently ignore wrong tokens. This makes sure we prevent brute-forcing static tokens
- */
+ if (req.accountability?.user) {
+ await database('directus_users').update({ last_access: new Date() }).where({ id: req.accountability.user });
+ }
+
return next();
});
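Review bot: The `@TODO verify user status` marker is deleted from the JWT branch, but nothing visible in this hunk adds the check it asked for. As far as these lines show, an unexpired token still fills `req.accountability` for an account that has since been suspended or deactivated. The user lookup sits above the hunk, so confirm whether it already filters on the account's status. If it does not, keep the marker or add a guard that throws `InvalidCredentialsException` for non-active users before the three `req.accountability.*` assignments. The same question applies to the static-token lookup in the `else` branch, whose query continues outside the hunk.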
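Review bot: The awaited `update` on `directus_users` before `return next()` makes every authenticated request depend on a successful row write. A slow or failing write (lock contention, a read-only database) would presumably reject a request whose credentials were valid, since the rejection propagates through `asyncHandler`. The `last_access` bookkeeping should not decide the request outcome: handle a failure of that one statement locally, and consider skipping the write when the stored timestamp is recent. The deleted `@NOTE` was also the only record that unknown static tokens are ignored silently on purpose, so I would keep a one-line comment above the block, such as `// Wrong static tokens are ignored silently on purpose; the request continues unauthenticated.`. Minor style point: `req.accountability?.user` uses optional chaining while the earlier lines in this function dereference `req.accountability` directly, so one form should be used throughout.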