Users module

The users module is responsible for anything to do with users and their profiles. It leverages Laravel authentication.

Impersonate a user

You can act as another user, this is useful for troubleshooting and testing. Navigate to the user in the dash and click the "Impersonate" button, you will then be acting as that logged in user.

You can stop impersonating a user by clicking the link in the bottom right of the page.

This functionality is provided by https://github.com/404labfr/laravel-impersonate

Single sign-on

Provides single sign-on (SSO) for users. This is useful for allowing users to sign in with their existing credentials from another service.

How to use

To use SSO, you need to:

  1. Setup your identity provider on the vendor platform (Google, Azure etc), see guides below for each provider.
  2. Enable the provider in the admin dash and add the required settings: visit /dash/settings/sso

Providers supported

Providers currently supported are:

  • Google
  • Azure

Setup Google provider guide

https://developers.google.com/identity/sign-in/web/server-side-flow#step_1_create_a_client_id_and_client_secret

Setup Azure provider guide

https://learn.microsoft.com/en-us/entra/identity/enterprise-apps/add-application-portal-setup-oidc-sso

  • Follow the guide to create a new app registration
  • Add the redirect URL to the app registration under Authentication > Redirect URIs > Add URI > Web type (this is the URL of your site with /auth/callback/azure appended)
  • Under app registration > Your app > Essentials, copy the Application (client) ID
  • Add a new client secret under Client credentials. Copy the secret VALUE (not the Secret ID).

Add a new provider

To add a new provider, you need to:

  1. Make sure the provider is supported by the Socialite package: https://laravel.com/docs/10.x/socialite#configuration
    If not you need to install a new providers following: https://socialiteproviders.com/
  2. Add the provider to the config/services.php file. See how current providers have been setup for examples.
  3. Configure the provider settings in the dashboard: visit dash/settings/sso

Generic user groups

A user is can be classified as a public member or a content manager. See Modules\Users\Enums\UserGroup enum. A public member is a user that has a single role authenticated or no role whereas, a content manager is a user that can have a single role other than authenticated, or can have a combination of authenticated and other roles. Any generic user group in the future should be declared in the enum class itself.