creode / laravel-account-approval
A Laravel package which provides basic functionality for users to require account approval after registration.
Fund package maintenance!
Creode
Requires
- php: ^8.1
- illuminate/contracts: ^10.0 | ^11.0
- spatie/laravel-package-tools: ^1.14.0
Requires (Dev)
- larastan/larastan: ^2.0.1
- laravel/pint: ^1.0
- nunomaduro/collision: ^7.8 | ^8.1
- orchestra/testbench: ^8.8
- pestphp/pest: ^2.20
- pestphp/pest-plugin-arch: ^2.0
- pestphp/pest-plugin-laravel: ^2.0
- phpstan/extension-installer: ^1.1
- phpstan/phpstan-deprecation-rules: ^1.0
- phpstan/phpstan-phpunit: ^1.0
This package is auto-updated.
Last update: 2024-10-24 13:30:53 UTC
README
A Laravel package which provides basic functionality for users to require account approval after registration.
Installation
You can install the package via composer:
composer require creode/laravel-account-approval
Migrations
You can publish and run the migrations with:
php artisan vendor:publish --tag="account-approval-migrations"
php artisan migrate
Configuration
You can publish the config file with:
php artisan vendor:publish --tag="account-approval-config"
Thie following options are available in the config file:
users_table- The name of the users table in the database. Defaults tousers.account_not_verified_message- The message shown flashed to session when an account is not verified. Defaults toYour account has not been verified. Please check your email for a verification link..
Middleware
In order to prevent users from accessing the site until they have been approved, the AccountActivated middleware should be added to the web middleware group in app/Http/Kernel.php:
protected $middlewareGroups = [ 'web' => [ // ... \Creode\LaravelAccountApproval\Http\Middleware\AccountActivated::class, ], // ... ];
This middleware will run on every request, detect if the user is logged in and if they are not approved, redirect them to the login route. This route can be configured in the config/account-approval.php file.
Extending Middleware
If you need to execute some custom functionality for the current website you can extend the AccountActivated middleware and override the accountNotActivated method. This will allow you to execute your custom functionality. The unverifiedAccountRedirect function can also be overridden to allow you to redirect to a custom route and set your own messaging/functionality.
namespace App\Http\Middleware; use Closure; use Creode\LaravelAccountApproval\Http\Middleware\AccountActivated as BaseAccountActivated; class AccountActivated extends BaseAccountActivated { /** * Handle a failed activation. * * @param \Illuminate\Http\Request $request * @param \Closure $next * * @return mixed */ protected function accountNotActivated(Request $request, Closure $next) { // Your custom functionality here } /** * Redirect which will happen if the user is not activated. * * Return null to continue with the request. * * @param Request $request * @param Closure $next * * @return Response|null */ protected function unverifiedAccountRedirect(Request $request, Closure $next): ?Response { // Your custom functionality here } }
Usage
Following package installation, running the migrations command will add an activated column to the users table. This defaults to false for all users. It is assumed this is the best configuration to get a site up and running quickly.
Alternatively, running the seeder provided in this module will set all existing users to be approved. This can be run with the following command:
php artisan db:seed --class="Creode\LaravelAccountApproval\Database\Seeders\AccountApprovalSeeder"
This will resolve the default authentication model and set the activated flag to true for all users.
Testing
composer test
Changelog
Please see CHANGELOG for more information on what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security Vulnerabilities
Please review our security policy on how to report security vulnerabilities.
Credits
License
The MIT License (MIT). Please see License File for more information.