• 设为首页
  • 点击收藏
  • 手机版
    手机扫一扫访问
    迪恩网络手机版
  • 关注官方公众号
    微信扫一扫关注
    迪恩网络公众号

404labfr/laravel-impersonate: Laravel Impersonate is a plugin that allows you to ...

原作者: [db:作者] 来自: 网络 收藏 邀请

开源软件名称(OpenSource Name):

404labfr/laravel-impersonate

开源软件地址(OpenSource Url):

https://github.com/404labfr/laravel-impersonate

开源编程语言(OpenSource Language):

PHP 99.2%

开源软件介绍(OpenSource Introduction):

Laravel Impersonate

Build Status Scrutinizer Code Quality

Laravel Impersonate makes it easy to authenticate as your users. Add a simple trait to your user model and impersonate as one of your users in one click.

Requirements

  • Laravel 6.x to 9.x
  • PHP >= 7.2 or >= 8.0

Laravel support

Version Release
6.x to 9.x 1.7
6.x, 7.x 1.6
5.8 1.5
5.7, 5.6 1.2
5.5, 5.4 1.1

Installation

  • Require it with Composer:
composer require lab404/laravel-impersonate
  • Add the service provider at the end of your config/app.php:
'providers' => [
    // ...
    Lab404\Impersonate\ImpersonateServiceProvider::class,
],
  • Add the trait Lab404\Impersonate\Models\Impersonate to your User model.

Simple usage

Impersonate a user:

Auth::user()->impersonate($other_user);
// You're now logged as the $other_user

Leave impersonation:

Auth::user()->leaveImpersonation();
// You're now logged as your original user.

Using the built-in controller

In your routes file, under web middleware, you must call the impersonate route macro.

Route::impersonate();

Alternatively, you can execute this macro with your RouteServiceProvider.

namespace App\Providers;

class RouteServiceProvider extends ServiceProvider
{
    public function map() {
        Route::middleware('web')->group(function (Router $router) {
            $router->impersonate();
        });
    }
}
// Where $id is the ID of the user you want impersonate
route('impersonate', $id)

// Or in case of multi guards, you should also add `guardName` (defaults to `web`)
route('impersonate', ['id' => $id, 'guardName' => 'admin'])

// Generate an URL to leave current impersonation
route('impersonate.leave')

Advanced Usage

Defining impersonation authorization

By default all users can impersonate an user.
You need to add the method canImpersonate() to your user model:

    /**
     * @return bool
     */
    public function canImpersonate()
    {
        // For example
        return $this->is_admin == 1;
    }

By default all users can be impersonated.
You need to add the method canBeImpersonated() to your user model to extend this behavior:

    /**
     * @return bool
     */
    public function canBeImpersonated()
    {
        // For example
        return $this->can_be_impersonated == 1;
    }

Using your own strategy

  • Getting the manager:
// With the app helper
app('impersonate')
// Dependency Injection
public function impersonate(ImpersonateManager $manager, $user_id) { /* ... */ }
  • Working with the manager:
$manager = app('impersonate');

// Find an user by its ID
$manager->findUserById($id);

// TRUE if your are impersonating an user.
$manager->isImpersonating();

// Impersonate an user. Pass the original user and the user you want to impersonate
$manager->take($from, $to);

// Leave current impersonation
$manager->leave();

// Get the impersonator ID
$manager->getImpersonatorId();

Middleware

Protect From Impersonation

You can use the middleware impersonate.protect to protect your routes against user impersonation.
This middleware can be useful when you want to protect specific pages like users subscriptions, users credit cards, ...

Router::get('/my-credit-card', function() {
    echo "Can't be accessed by an impersonator";
})->middleware('impersonate.protect');

Events

There are two events available that can be used to improve your workflow:

  • TakeImpersonation is fired when an impersonation is taken.
  • LeaveImpersonation is fired when an impersonation is leaved.

Each events returns two properties $event->impersonator and $event->impersonated containing User model instance.

Configuration

The package comes with a configuration file.

Publish it with the following command:

php artisan vendor:publish --tag=impersonate

Available options:

    // The session key used to store the original user id.
    'session_key' => 'impersonated_by',
    // Where to redirect after taking an impersonation.
    // Only used in the built-in controller.
    // You can use: an URI, the keyword back (to redirect back) or a route name
    'take_redirect_to' => '/',
    // Where to redirect after leaving an impersonation.
    // Only used in the built-in controller.
    // You can use: an URI, the keyword back (to redirect back) or a route name
    'leave_redirect_to' => '/'

Blade

There are three Blade directives available.

When the user can impersonate

@canImpersonate($guard = null)
    <a href="{{ route('impersonate', $user->id) }}">Impersonate this user</a>
@endCanImpersonate

When the user can be impersonated

This comes in handy when you have a user list and want to show an "Impersonate" button next to all the users. But you don't want that button next to the current authenticated user neither to that users which should not be able to impersonated according your implementation of canBeImpersonated() .

@canBeImpersonated($user, $guard = null)
    <a href="{{ route('impersonate', $user->id) }}">Impersonate this user</a>
@endCanBeImpersonated

When the user is impersonated

@impersonating($guard = null)
    <a href="{{ route('impersonate.leave') }}">Leave impersonation</a>
@endImpersonating

Tests

vendor/bin/phpunit

Contributors

Rationale

Why not just use loginAsId()?

This package adds broader functionality, including Blade directives to allow you to override analytics and other tracking events when impersonating, fire events based on impersonation status, and more. Brief discussion at issues/5

Licence

MIT




鲜花

握手

雷人

路过

鸡蛋
该文章已有0人参与评论

请发表评论

全部评论

专题导读
热门推荐
阅读排行榜

扫描微信二维码

查看手机版网站

随时了解更新最新资讯

139-2527-9053

在线客服(服务时间 9:00~18:00)

在线QQ客服
地址:深圳市南山区西丽大学城创智工业园
电邮:jeky_zhao#qq.com
移动电话:139-2527-9053

Powered by 互联科技 X3.4© 2001-2213 极客世界.|Sitemap