jnarvaezp/social-profile

Store and manage social media links for customers and staff

Maintainers

Package info

github.com/jnarvaezp/plugin-tastyigniter-socialmedia-profile

Type:tastyigniter-extension

pkg:composer/jnarvaezp/social-profile

Statistics

Installs: 1

Dependents: 0

Suggesters: 0

Stars: 0

Open Issues: 0

Security

Advisories: 0

Aikido package health analysis

dev-main 2026-04-30 13:37 UTC

Requires

MIT f483f2a47d67f5f0506f40b3c6bd19be61bec617

  • jnarvaezp <jnarvaezp.woop@users.noreply.github.com>

This package is auto-updated.

Last update: 2026-04-30 13:39:41 UTC

README

TastyIgniter v4 PHP License: MIT GitHub Stars GitHub Issues GitHub Forks Code Size

A TastyIgniter v4 extension to store and manage social media links (WhatsApp, Telegram, Instagram, Facebook, TikTok) for customers and admin users, with a full REST API and audit logging.

Features

  • Custom Admin UI — Individual labeled text fields for each social platform in Customer and Staff User forms
  • REST APIGET / PUT endpoints for reading and updating social links via Sanctum tokens
  • Input Validation — Only allowed platforms, string values, max 255 chars per link
  • Audit Logging — Dedicated daily log file with IP, user agent, before/after states
  • Multi-model Support — Links stored on both customers and admin_users tables
  • JSON Storage — Single nullable JSON column per model (no extra tables)

Supported Platforms

Platform Icon Example Value
WhatsApp fa-whatsapp +56912345678
Telegram fa-telegram @username
Instagram fa-instagram @username
Facebook fa-facebook https://facebook.com/username
TikTok fa-tiktok @username

Requirements

Installation

Via Composer (recommended)

cd /path/to/tastyigniter
composer require jnarvaezp/social-profile
php artisan migrate

Manual Installation

  1. Download or clone this repository into your extensions/ directory:
git clone git@github.com:jnarvaezp/plugin-tastyigniter-socialmedia-profile.git extensions/igniter/social-profile
  1. Run migrations:
php artisan migrate

  1. Enable the extension from Admin > Manage > Extensions.

  2. Clear cache:

php artisan config:clear
php artisan cache:clear

Database Schema

This extension adds a single JSON column to two existing tables:

-- Customers table
ALTER TABLE customers ADD social_links JSON NULL AFTER last_seen;

-- Admin users table
ALTER TABLE admin_users ADD social_links JSON NULL AFTER last_seen;

Example stored value:

{
  "whatsapp": "+56987654321",
  "telegram": "@mariagonzalez",
  "instagram": "@mariag",
  "facebook": "https://facebook.com/mariag",
  "tiktok": "@mariag2026"
}

Admin UI

After installation, edit any Customer or Staff User in the Admin panel. A "Social Links" tab appears with 5 labeled text fields — one per platform.

The custom SocialLinksWidget handles:

  • Reading the JSON column and populating each field
  • Collecting field values and encoding to JSON on save

REST API

The extension registers two API endpoints via TastyIgniter's ApiManager.

Authentication

All requests require a Sanctum Bearer token. Generate one:

php artisan igniter:api-token --name=my_device --email=admin@example.com --admin

Or via POST:

curl -X POST https://your-site.com/api/token \
  -d "email=admin@example.com&password=your_password&device_name=my_device&is_admin=1"

Endpoints

Get Social Links

GET /api/social-links/{customer_id}

Request:

curl -H "Authorization: Bearer YOUR_TOKEN" \
     -H "Accept: application/json" \
     https://your-site.com/api/social-links/1

Response:

{
  "data": {
    "type": "sociallinkscontroller",
    "id": "1",
    "attributes": {
      "customer_id": 1,
      "social_links": {
        "whatsapp": "+56912345678",
        "telegram": "@mariagonzalez"
      }
    }
  }
}

Update Social Links

PUT /api/social-links/{customer_id}

Request:

curl -X PUT \
     -H "Authorization: Bearer YOUR_TOKEN" \
     -H "Content-Type: application/json" \
     -d '{"social_links":{"whatsapp":"+56999999999","telegram":"@new_username"}}' \
     https://your-site.com/api/social-links/1

Response:

{
  "data": {
    "type": "sociallinkscontroller",
    "id": "1",
    "attributes": {
      "customer_id": 1,
      "social_links": {
        "whatsapp": "+56999999999",
        "telegram": "@new_username"
      }
    }
  }
}

Error Responses

401 Unauthorized (no token):

{"message": "Unauthenticated."}

422 Validation Error (invalid platform):

{
  "message": "422 Unprocessable Content",
  "errors": {
    "social_links": ["Plataformas no permitidas: linkedin"]
  }
}

422 Validation Error (non-string value):

{
  "message": "422 Unprocessable Content",
  "errors": {
    "social_links": ["El valor de whatsapp debe ser texto."],
    "social_links.whatsapp": ["The social_links.whatsapp must be a string."]
  }
}

Validation Rules

Rule Description
Allowed platforms Only whatsapp, telegram, instagram, facebook, tiktok
Value type Must be a string
Value length Max 255 characters per link
Total size Max 2048 characters (entire JSON)
Empty values Rejected (cannot send empty string)
Null Allowed (field is nullable)

Logging

The extension creates a dedicated log channel at:

storage/logs/social-profile-YYYY-MM-DD.log
  • Daily rotation with 30-day retention
  • Show events: logs customer_id, IP, user agent
  • Update events: logs customer_id, IP, before state, input, after state

Example log entry:

[2026-04-25 18:00:02] local.INFO: social_links.update.request
{"customer_id":9,"ip":"127.0.0.1",
 "before":{"telegram":"@old","whatsapp":"+56912345678"},
 "input":{"whatsapp":"+56999999999","telegram":"@new"}}

Architecture

extensions/igniter/social-profile/
├── config/
│   └── social_profile.php              # Platform definitions
├── database/migrations/
│   ├── ..._add_social_links_to_customers.php
│   └── ..._add_social_links_to_admin_users.php
├── resources/views/_partials/formwidgets/sociallinks/
│   └── sociallinks.blade.php           # Widget template (5 inputs)
└── src/
    ├── Extension.php                   # Boot: form fields, validation, API, logging
    ├── FormWidgets/
    │   └── SocialLinksWidget.php       # Custom admin form widget
    ├── ApiResources/
    │   ├── Repositories/
    │   │   └── SocialLinksRepository.php   # Data layer (array to JSON encode)
    │   ├── Requests/
    │   │   └── SocialLinksRequest.php      # API validation
    │   └── Transformers/
    │       └── SocialLinksTransformer.php  # Fractal response transformer
    └── Http/Controllers/
        └── SocialLinksController.php       # REST controller + audit logging

Security

Aspect Status
Sanctum token auth Required on all API endpoints
Token abilities social-links:* required
Platform whitelist Only 5 allowed platforms
Input validation String type, max 255 per value, max 2048 total
SQL injection Protected by Eloquent ORM
XSS (Admin UI) Blade {{ }} auto-escapes
CSRF (Admin UI) Standard Laravel CSRF middleware
Rate limiting Laravel ThrottleRequests (60 req/min)
Audit logging All reads and writes logged with IP

Permissions

The extension registers the Admin.SocialProfile permission. Assign it to admin roles that should manage social links.

Contributing

  1. Fork the repository
  2. Create your feature branch: git checkout -b feature/my-feature
  3. Commit your changes: git commit -am 'Add my feature'
  4. Push to the branch: git push origin feature/my-feature
  5. Open a Pull Request

License

This project is licensed under the MIT License — see the LICENSE file for details.