hashmatwaziri/laravel-multi-auth-impersonate

laravel-multi-auth-impersonate

Maintainers

Details

github.com/HashmatWaziri/laravel-multi-auth-impersonate

Homepage

Source

Issues

Fund package maintenance!
HashmatWaziri
Other

Installs: 21

Dependents: 0

Suggesters: 0

Security: 0

Stars: 3

Watchers: 2

Forks: 0

Open Issues: 0

v1.0 2021-01-20 01:04 UTC

Requires

Requires (Dev)

MIT 1a3f71f7832dd8df58f700e65b63d6e96838430e

authlaravelmultiauthimpersonationimpersonatelaravel-packagelaravel-multi-auth-impersonate

This package is auto-updated.

Last update: 2024-09-06 04:27:22 UTC

README

Latest Version on Packagist

Total Downloads

Requirements

  • Php > 7.3 or 8

Installation

You can install the package via composer:

composer require HashmatWaziri/laravel-multi-auth-impersonate

You can publish the config file with:

php artisan vendor:publish --provider="HashmatWaziri\LaravelMultiAuthImpersonate\LaravelMultiAuthImpersonateServiceProvider" --tag="multiAuthImpersonate"

This is the contents of the published config file:

return [
 /**
     * The session key used to store the original user id.
     */
    'session_key' => 'impersonated_by',

    /**
     * The session key used to stored the original user guard.
     */
    'session_guard' => 'impersonator_guard',

    /**
     * The session key used to stored what guard is impersonator using.
     */
    'session_guard_using' => 'impersonator_guard_using',

    /**
     * The default impersonator guard used.
     */
    'default_impersonator_guard' => 'web',
];

Redirect URLs

take Redirect : when impersonating another user, you can add the method takeRedirectTo() to your model which is being impersonated:

example:

  class User extends Authenticatable implements MustVerifyEmail
{

    use Notifiable,Impersonate;



    public static function takeRedirectTo(){

        return url('/after-being-impersonated');
    }

}

leave Redirect : when an impersonator ( the one who impersonated or logged in as another user) is leaving the impersonation, you can add the method leaveRedirectTo() to that model:

example:

  class Employee extends Authenticatable implements MustVerifyEmail
{

    use Notifiable,Impersonate;



    public static function leaveRedirectTo(){

        return url('/workplace/dashboard');
    }

}

Usage

Impersonate a user:

$other_user = App\Student::find(1);
Auth::user()->impersonate($other_user);
// You're now logged as the $other_user

Leave impersonation:

Auth::user()->leaveImpersonation();
// You're now logged as your original user.

Routes

In your routes file, under web middleware, you must call the multiAuthImpersonate route macro with any route name you choose to be used for this package. This package let user decides on which package URL these routes should be registered

Route::multiAuthImpersonate('impersonation');

Alternatively, you can execute this macro with your RouteServiceProvider.

namespace App\Providers;

class RouteServiceProvider extends ServiceProvider
{
    public function map() {
	// here you can supply an array of guards ex ['web','employee','etc'] so that each can impersonate other
        Route::middleware('web')->group(function (Router $router) {
            $router->multiAuthImpersonate('impersonation');
        });
    }
}
// Where $id is the ID of the user you want impersonate
route('impersonate', $id)

// You should also add `guardName`
route('impersonate', ['id' => $id, 'guardName' => 'admin'])

// Generate an URL to leave current impersonation
route('impersonate.leave')

Defining impersonation authorization

By default all users can impersonate an user.
You need to add the method canImpersonate() to your guard model: example:

  class User extends Authenticatable implements MustVerifyEmail
{

    use Notifiable,Impersonate;


//    /**
//     * @return bool
//     */
    public function canImpersonate()
    {

        return true ;

    }

}

By default all users can be impersonated.
You need to add the method canBeImpersonated() to your guard model to extend this behavior:

    /**
     * @return bool
     */
    public function canBeImpersonated()
    {
        // For example
        return $this->can_be_impersonated == 1;
    }

Using your own strategy

  • Getting the manager:
// With the app helper
app('impersonate')
// Dependency Injection
public function impersonate(ImpersonateManager $manager, $user_id) { /* ... */ }
  • Working with the manager:
$manager = app('impersonate');

// Find an user by its ID
$manager->findUserById($id);

// TRUE if your are impersonating an user.
$manager->isImpersonating();

// Impersonate an user. Pass the original user and the user you want to impersonate
$manager->take($from, $to);

// Leave current impersonation
$manager->leave();

// Get the impersonator ID
$manager->getImpersonatorId();

Testing

composer test

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

License

The MIT License (MIT). Please see License File for more information.