├── public ├── favicon.ico ├── robots.txt ├── mix-manifest.json ├── .htaccess ├── web.config ├── index.php └── js │ └── app.js.LICENSE.txt ├── database ├── .gitignore ├── seeders │ ├── DatabaseSeeder.php │ └── UserTableSeeder.php ├── migrations │ ├── 2014_10_12_100000_create_password_resets_table.php │ ├── 2019_08_19_000000_create_failed_jobs_table.php │ ├── 2021_05_10_015649_create_sessions_table.php │ ├── 2019_12_14_000001_create_personal_access_tokens_table.php │ ├── 2014_10_12_200000_add_two_factor_columns_to_users_table.php │ ├── 2014_10_12_000000_create_users_table.php │ └── 2021_05_19_015833_create_permission_tables.php └── factories │ └── UserFactory.php ├── bootstrap ├── cache │ └── .gitignore └── app.php ├── storage ├── logs │ └── .gitignore ├── app │ ├── public │ │ └── .gitignore │ └── .gitignore └── framework │ ├── testing │ └── .gitignore │ ├── views │ └── .gitignore │ ├── cache │ ├── data │ │ └── .gitignore │ └── .gitignore │ ├── sessions │ └── .gitignore │ └── .gitignore ├── resources ├── markdown │ ├── policy.md │ └── terms.md ├── js │ ├── Jetstream │ │ ├── SectionBorder.vue │ │ ├── InputError.vue │ │ ├── Label.vue │ │ ├── Button.vue │ │ ├── DangerButton.vue │ │ ├── SecondaryButton.vue │ │ ├── AuthenticationCard.vue │ │ ├── Input.vue │ │ ├── DropdownLink.vue │ │ ├── SectionTitle.vue │ │ ├── ApplicationMark.vue │ │ ├── NavLink.vue │ │ ├── ActionMessage.vue │ │ ├── AuthenticationCardLogo.vue │ │ ├── Dropdown.vue │ │ ├── ValidationErrors.vue │ │ ├── Checkbox.vue │ │ ├── ActionSection.vue │ │ ├── Modal.vue │ │ ├── DialogModal.vue │ │ ├── ResponsiveNavLink.vue │ │ ├── FormSection.vue │ │ ├── ConfirmationModal.vue │ │ ├── Banner.vue │ │ ├── ApplicationLogo.vue │ │ └── ConfirmsPassword.vue │ ├── Pages │ │ ├── Dashboard.vue │ │ ├── TermsOfService.vue │ │ ├── PrivacyPolicy.vue │ │ ├── API │ │ │ └── Index.vue │ │ ├── Profile │ │ │ ├── Show.vue │ │ │ ├── UpdatePasswordForm.vue │ │ │ ├── DeleteUserForm.vue │ │ │ └── UpdateProfileInformationForm.vue │ │ └── Auth │ │ │ ├── ConfirmPassword.vue │ │ │ ├── VerifyEmail.vue │ │ │ ├── ForgotPassword.vue │ │ │ ├── ResetPassword.vue │ │ │ ├── Login.vue │ │ │ ├── TwoFactorChallenge.vue │ │ │ └── Register.vue │ ├── Components │ │ ├── Footer.vue │ │ └── Pagination.vue │ ├── app.js │ ├── bootstrap.js │ └── Layouts │ │ └── AdminLayout.vue ├── sass │ ├── _variables.scss │ ├── _my_custom.scss │ ├── app.scss │ └── _custom.scss ├── lang │ └── en │ │ ├── pagination.php │ │ ├── auth.php │ │ └── passwords.php └── views │ └── app.blade.php ├── .gitattributes ├── tests ├── TestCase.php ├── Unit │ └── ExampleTest.php ├── Feature │ ├── ExampleTest.php │ ├── BrowserSessionsTest.php │ ├── ProfileInformationTest.php │ ├── RegistrationTest.php │ ├── DeleteApiTokenTest.php │ ├── AuthenticationTest.php │ ├── DeleteAccountTest.php │ ├── CreateApiTokenTest.php │ ├── PasswordConfirmationTest.php │ ├── ApiTokenPermissionsTest.php │ ├── UpdatePasswordTest.php │ ├── TwoFactorAuthenticationSettingsTest.php │ ├── PasswordResetTest.php │ └── EmailVerificationTest.php └── CreatesApplication.php ├── .styleci.yml ├── .gitignore ├── .editorconfig ├── app ├── Http │ ├── Middleware │ │ ├── EncryptCookies.php │ │ ├── VerifyCsrfToken.php │ │ ├── TrustHosts.php │ │ ├── PreventRequestsDuringMaintenance.php │ │ ├── TrimStrings.php │ │ ├── Authenticate.php │ │ ├── TrustProxies.php │ │ ├── RedirectIfAuthenticated.php │ │ └── HandleInertiaRequests.php │ ├── Controllers │ │ ├── Controller.php │ │ └── Admins │ │ │ ├── AdminDashboardController.php │ │ │ ├── AdminController.php │ │ │ ├── PermissionController.php │ │ │ ├── RoleController.php │ │ │ └── UserController.php │ └── Kernel.php ├── Actions │ ├── Fortify │ │ ├── PasswordValidationRules.php │ │ ├── ResetUserPassword.php │ │ ├── CreateNewUser.php │ │ ├── UpdateUserPassword.php │ │ └── UpdateUserProfileInformation.php │ └── Jetstream │ │ └── DeleteUser.php ├── Providers │ ├── BroadcastServiceProvider.php │ ├── AppServiceProvider.php │ ├── AuthServiceProvider.php │ ├── EventServiceProvider.php │ ├── JetstreamServiceProvider.php │ ├── FortifyServiceProvider.php │ └── RouteServiceProvider.php ├── Exceptions │ └── Handler.php ├── Console │ └── Kernel.php └── Models │ └── User.php ├── webpack.config.js ├── README.md ├── routes ├── channels.php ├── api.php ├── console.php └── web.php ├── server.php ├── webpack.mix.js ├── config ├── cors.php ├── services.php ├── view.php ├── hashing.php ├── sanctum.php ├── broadcasting.php ├── jetstream.php ├── filesystems.php ├── queue.php ├── logging.php ├── cache.php ├── mail.php └── auth.php ├── .env.example ├── package.json ├── phpunit.xml ├── artisan └── composer.json /public/favicon.ico: -------------------------------------------------------------------------------- 1 | -------------------------------------------------------------------------------- /database/.gitignore: -------------------------------------------------------------------------------- 1 | *.sqlite* 2 | -------------------------------------------------------------------------------- /bootstrap/cache/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/logs/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /public/robots.txt: -------------------------------------------------------------------------------- 1 | User-agent: * 2 | Disallow: 3 | -------------------------------------------------------------------------------- /storage/app/public/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/app/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !public/ 3 | !.gitignore 4 | -------------------------------------------------------------------------------- /storage/framework/testing/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/framework/views/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/framework/cache/data/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/framework/sessions/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !.gitignore 3 | -------------------------------------------------------------------------------- /storage/framework/cache/.gitignore: -------------------------------------------------------------------------------- 1 | * 2 | !data/ 3 | !.gitignore 4 | -------------------------------------------------------------------------------- /resources/markdown/policy.md: -------------------------------------------------------------------------------- 1 | # Privacy Policy 2 | 3 | Edit this file to define the privacy policy for your application. 4 | -------------------------------------------------------------------------------- /resources/markdown/terms.md: -------------------------------------------------------------------------------- 1 | # Terms of Service 2 | 3 | Edit this file to define the terms of service for your application. 4 | -------------------------------------------------------------------------------- /resources/js/Jetstream/SectionBorder.vue: -------------------------------------------------------------------------------- 1 | 6 | -------------------------------------------------------------------------------- /.gitattributes: -------------------------------------------------------------------------------- 1 | * text=auto 2 | *.css linguist-vendored 3 | *.scss linguist-vendored 4 | *.js linguist-vendored 5 | CHANGELOG.md export-ignore 6 | -------------------------------------------------------------------------------- /public/mix-manifest.json: -------------------------------------------------------------------------------- 1 | { 2 | "/js/app.js": "/js/app.js?id=8e070f3d92d6d81b798a", 3 | "/css/app.css": "/css/app.css?id=add9a336c77eb6c12613" 4 | } 5 | -------------------------------------------------------------------------------- /storage/framework/.gitignore: -------------------------------------------------------------------------------- 1 | compiled.php 2 | config.php 3 | down 4 | events.scanned.php 5 | maintenance.php 6 | routes.php 7 | routes.scanned.php 8 | schedule-* 9 | services.json 10 | -------------------------------------------------------------------------------- /tests/TestCase.php: -------------------------------------------------------------------------------- 1 | 2 | 5 | 6 | 7 | 12 | -------------------------------------------------------------------------------- /.editorconfig: -------------------------------------------------------------------------------- 1 | root = true 2 | 3 | [*] 4 | charset = utf-8 5 | end_of_line = lf 6 | insert_final_newline = true 7 | indent_style = space 8 | indent_size = 4 9 | trim_trailing_whitespace = true 10 | 11 | [*.md] 12 | trim_trailing_whitespace = false 13 | 14 | [*.{yml,yaml}] 15 | indent_size = 2 16 | -------------------------------------------------------------------------------- /resources/js/Jetstream/Label.vue: -------------------------------------------------------------------------------- 1 | 7 | 8 | 13 | -------------------------------------------------------------------------------- /resources/js/Jetstream/Button.vue: -------------------------------------------------------------------------------- 1 | 6 | 7 | 17 | -------------------------------------------------------------------------------- /tests/Unit/ExampleTest.php: -------------------------------------------------------------------------------- 1 | assertTrue(true); 17 | } 18 | } 19 | -------------------------------------------------------------------------------- /resources/js/Jetstream/DangerButton.vue: -------------------------------------------------------------------------------- 1 | 6 | 7 | 17 | -------------------------------------------------------------------------------- /resources/js/Jetstream/SecondaryButton.vue: -------------------------------------------------------------------------------- 1 | 6 | 7 | 17 | -------------------------------------------------------------------------------- /app/Http/Middleware/EncryptCookies.php: -------------------------------------------------------------------------------- 1 | 2 |
3 |
4 |
5 |
6 | 7 |
8 | 9 |
10 | 11 |
12 |
13 |
14 |
15 | 16 | -------------------------------------------------------------------------------- /resources/sass/_variables.scss: -------------------------------------------------------------------------------- 1 | // Body 2 | $body-bg: #f8fafc; 3 | 4 | // Typography 5 | $font-family-sans-serif: 'Nunito', sans-serif; 6 | $font-size-base: 0.9rem; 7 | $line-height-base: 1.6; 8 | 9 | // Colors 10 | $blue: #3490dc; 11 | $indigo: #6574cd; 12 | $purple: #9561e2; 13 | $pink: #f66d9b; 14 | $red: #e3342f; 15 | $orange: #f6993f; 16 | $yellow: #ffed4a; 17 | $green: #38c172; 18 | $teal: #4dc0b5; 19 | $cyan: #6cb2eb; 20 | -------------------------------------------------------------------------------- /resources/js/Jetstream/Input.vue: -------------------------------------------------------------------------------- 1 | 4 | 5 | 18 | 19 | -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | ## Admin-O-Matic Series on Youtube 2 | 3 | Admin panel built with Laravel 8, Jetstream, Inertia, AdminLTE, Spatie's Laravel-permissions, Jetstrap, and Bootstrap 4 4 | 5 | [Introduction Episode] 6 | 7 | Admin-O-Matic Intro 10 | -------------------------------------------------------------------------------- /app/Http/Controllers/Controller.php: -------------------------------------------------------------------------------- 1 | 2 | 5 | 6 | 7 | 8 | 9 | 10 | 11 | 17 | -------------------------------------------------------------------------------- /resources/js/Jetstream/SectionTitle.vue: -------------------------------------------------------------------------------- 1 | 20 | -------------------------------------------------------------------------------- /app/Actions/Fortify/PasswordValidationRules.php: -------------------------------------------------------------------------------- 1 | call([ 16 | RolesAndPermissionsSeeder::class, 17 | UserTableSeeder::class, 18 | ]); 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /tests/Feature/ExampleTest.php: -------------------------------------------------------------------------------- 1 | get('/'); 18 | 19 | $response->assertStatus(200); 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /app/Http/Middleware/TrustHosts.php: -------------------------------------------------------------------------------- 1 | allSubdomainsOfApplicationUrl(), 18 | ]; 19 | } 20 | } 21 | -------------------------------------------------------------------------------- /app/Http/Middleware/PreventRequestsDuringMaintenance.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | -------------------------------------------------------------------------------- /resources/js/Jetstream/NavLink.vue: -------------------------------------------------------------------------------- 1 | 8 | 9 | 22 | -------------------------------------------------------------------------------- /resources/js/Jetstream/ActionMessage.vue: -------------------------------------------------------------------------------- 1 | 12 | 13 | -------------------------------------------------------------------------------- /app/Actions/Jetstream/DeleteUser.php: -------------------------------------------------------------------------------- 1 | deleteProfilePhoto(); 18 | $user->tokens->each->delete(); 19 | $user->delete(); 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /tests/CreatesApplication.php: -------------------------------------------------------------------------------- 1 | make(Kernel::class)->bootstrap(); 19 | 20 | return $app; 21 | } 22 | } 23 | -------------------------------------------------------------------------------- /app/Providers/BroadcastServiceProvider.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 8 | 9 | 10 | 11 | 12 | 13 | 24 | -------------------------------------------------------------------------------- /resources/js/Jetstream/AuthenticationCardLogo.vue: -------------------------------------------------------------------------------- 1 | 9 | -------------------------------------------------------------------------------- /app/Http/Middleware/Authenticate.php: -------------------------------------------------------------------------------- 1 | expectsJson()) { 18 | return route('login'); 19 | } 20 | } 21 | } 22 | -------------------------------------------------------------------------------- /resources/js/Jetstream/Dropdown.vue: -------------------------------------------------------------------------------- 1 | 12 | 13 | 23 | -------------------------------------------------------------------------------- /resources/js/Components/Footer.vue: -------------------------------------------------------------------------------- 1 | 10 | 11 | -------------------------------------------------------------------------------- /resources/lang/en/pagination.php: -------------------------------------------------------------------------------- 1 | '« Previous', 17 | 'next' => 'Next »', 18 | 19 | ]; 20 | -------------------------------------------------------------------------------- /tests/Feature/BrowserSessionsTest.php: -------------------------------------------------------------------------------- 1 | actingAs($user = User::factory()->create()); 16 | 17 | $response = $this->delete('/user/other-browser-sessions', [ 18 | 'password' => 'password', 19 | ]); 20 | 21 | $response->assertSessionHasNoErrors(); 22 | } 23 | } 24 | -------------------------------------------------------------------------------- /routes/channels.php: -------------------------------------------------------------------------------- 1 | id === (int) $id; 18 | }); 19 | -------------------------------------------------------------------------------- /routes/api.php: -------------------------------------------------------------------------------- 1 | get('/user', function (Request $request) { 18 | return $request->user(); 19 | }); 20 | -------------------------------------------------------------------------------- /server.php: -------------------------------------------------------------------------------- 1 | 8 | */ 9 | 10 | $uri = urldecode( 11 | parse_url($_SERVER['REQUEST_URI'], PHP_URL_PATH) 12 | ); 13 | 14 | // This file allows us to emulate Apache's "mod_rewrite" functionality from the 15 | // built-in PHP web server. This provides a convenient way to test a Laravel 16 | // application without having installed a "real" web server software here. 17 | if ($uri !== '/' && file_exists(__DIR__.'/public'.$uri)) { 18 | return false; 19 | } 20 | 21 | require_once __DIR__.'/public/index.php'; 22 | -------------------------------------------------------------------------------- /routes/console.php: -------------------------------------------------------------------------------- 1 | comment(Inspiring::quote()); 19 | })->purpose('Display an inspiring quote'); 20 | -------------------------------------------------------------------------------- /resources/js/Jetstream/ValidationErrors.vue: -------------------------------------------------------------------------------- 1 | 10 | 11 | 24 | -------------------------------------------------------------------------------- /resources/js/Pages/TermsOfService.vue: -------------------------------------------------------------------------------- 1 | 15 | 16 | 27 | -------------------------------------------------------------------------------- /resources/js/Pages/PrivacyPolicy.vue: -------------------------------------------------------------------------------- 1 | 15 | 16 | 27 | -------------------------------------------------------------------------------- /public/.htaccess: -------------------------------------------------------------------------------- 1 | 2 | 3 | Options -MultiViews -Indexes 4 | 5 | 6 | RewriteEngine On 7 | 8 | # Handle Authorization Header 9 | RewriteCond %{HTTP:Authorization} . 10 | RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] 11 | 12 | # Redirect Trailing Slashes If Not A Folder... 13 | RewriteCond %{REQUEST_FILENAME} !-d 14 | RewriteCond %{REQUEST_URI} (.+)/$ 15 | RewriteRule ^ %1 [L,R=301] 16 | 17 | # Send Requests To Front Controller... 18 | RewriteCond %{REQUEST_FILENAME} !-d 19 | RewriteCond %{REQUEST_FILENAME} !-f 20 | RewriteRule ^ index.php [L] 21 | 22 | -------------------------------------------------------------------------------- /app/Http/Middleware/TrustProxies.php: -------------------------------------------------------------------------------- 1 | 2 | 4 | 5 | 6 | 33 | 34 | -------------------------------------------------------------------------------- /resources/js/Components/Pagination.vue: -------------------------------------------------------------------------------- 1 | 17 | 18 | 23 | -------------------------------------------------------------------------------- /app/Providers/AuthServiceProvider.php: -------------------------------------------------------------------------------- 1 | 'App\Policies\ModelPolicy', 17 | ]; 18 | 19 | /** 20 | * Register any authentication / authorization services. 21 | * 22 | * @return void 23 | */ 24 | public function boot() 25 | { 26 | $this->registerPolicies(); 27 | 28 | // 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /resources/js/Jetstream/ActionSection.vue: -------------------------------------------------------------------------------- 1 | 19 | 20 | 29 | -------------------------------------------------------------------------------- /resources/sass/app.scss: -------------------------------------------------------------------------------- 1 | // Fonts 2 | @import url('https://fonts.googleapis.com/css?family=Nunito'); 3 | 4 | // Variables 5 | @import 'variables'; 6 | 7 | // Bootstrap 8 | @import '~bootstrap/scss/bootstrap'; 9 | 10 | // Multiselect 11 | @import '@suadelabs/vue3-multiselect/dist/vue3-multiselect.css'; 12 | 13 | @each $breakpoint in map-keys($grid-breakpoints) { 14 | @include media-breakpoint-up($breakpoint) { 15 | $infix: breakpoint-infix($breakpoint, $grid-breakpoints); 16 | @each $prop, $abbrev in (width: w, height: h) { 17 | @each $size, $length in $sizes { 18 | .#{$abbrev}#{$infix}-#{$size} { #{$prop}: $length !important; } 19 | } 20 | } 21 | } 22 | } 23 | 24 | // Custom 25 | @import "custom"; 26 | @import "my_custom"; 27 | -------------------------------------------------------------------------------- /tests/Feature/ProfileInformationTest.php: -------------------------------------------------------------------------------- 1 | actingAs($user = User::factory()->create()); 16 | 17 | $response = $this->put('/user/profile-information', [ 18 | 'name' => 'Test Name', 19 | 'email' => 'test@example.com', 20 | ]); 21 | 22 | $this->assertEquals('Test Name', $user->fresh()->name); 23 | $this->assertEquals('test@example.com', $user->fresh()->email); 24 | } 25 | } 26 | -------------------------------------------------------------------------------- /resources/js/Jetstream/Modal.vue: -------------------------------------------------------------------------------- 1 | 10 | 11 | 35 | -------------------------------------------------------------------------------- /resources/lang/en/auth.php: -------------------------------------------------------------------------------- 1 | 'These credentials do not match our records.', 17 | 'password' => 'The provided password is incorrect.', 18 | 'throttle' => 'Too many login attempts. Please try again in :seconds seconds.', 19 | 20 | ]; 21 | -------------------------------------------------------------------------------- /webpack.mix.js: -------------------------------------------------------------------------------- 1 | const mix = require('laravel-mix'); 2 | 3 | /* 4 | |-------------------------------------------------------------------------- 5 | | Mix Asset Management 6 | |-------------------------------------------------------------------------- 7 | | 8 | | Mix provides a clean, fluent API for defining some Webpack build steps 9 | | for your Laravel application. By default, we are compiling the Sass 10 | | file for the application as well as bundling up all the JS files. 11 | | 12 | */ 13 | 14 | mix.js('resources/js/app.js', 'public/js').vue() 15 | .sass('resources/sass/app.scss', 'public/css') 16 | .disableNotifications() 17 | .sourceMaps() 18 | .webpackConfig(require('./webpack.config')); 19 | 20 | if (mix.inProduction()) { 21 | mix.version(); 22 | } 23 | -------------------------------------------------------------------------------- /app/Actions/Fortify/ResetUserPassword.php: -------------------------------------------------------------------------------- 1 | $this->passwordRules(), 24 | ])->validate(); 25 | 26 | $user->forceFill([ 27 | 'password' => Hash::make($input['password']), 28 | ])->save(); 29 | } 30 | } 31 | -------------------------------------------------------------------------------- /app/Providers/EventServiceProvider.php: -------------------------------------------------------------------------------- 1 | [ 19 | SendEmailVerificationNotification::class, 20 | ], 21 | ]; 22 | 23 | /** 24 | * Register any events for your application. 25 | * 26 | * @return void 27 | */ 28 | public function boot() 29 | { 30 | // 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /resources/lang/en/passwords.php: -------------------------------------------------------------------------------- 1 | 'Your password has been reset!', 17 | 'sent' => 'We have emailed your password reset link!', 18 | 'throttled' => 'Please wait before retrying.', 19 | 'token' => 'This password reset token is invalid.', 20 | 'user' => "We can't find a user with that email address.", 21 | 22 | ]; 23 | -------------------------------------------------------------------------------- /database/migrations/2014_10_12_100000_create_password_resets_table.php: -------------------------------------------------------------------------------- 1 | string('email')->index(); 18 | $table->string('token'); 19 | $table->timestamp('created_at')->nullable(); 20 | }); 21 | } 22 | 23 | /** 24 | * Reverse the migrations. 25 | * 26 | * @return void 27 | */ 28 | public function down() 29 | { 30 | Schema::dropIfExists('password_resets'); 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /resources/js/Pages/API/Index.vue: -------------------------------------------------------------------------------- 1 | 14 | 15 | 32 | -------------------------------------------------------------------------------- /app/Http/Middleware/RedirectIfAuthenticated.php: -------------------------------------------------------------------------------- 1 | check()) { 26 | return redirect(RouteServiceProvider::HOME); 27 | } 28 | } 29 | 30 | return $next($request); 31 | } 32 | } 33 | -------------------------------------------------------------------------------- /app/Exceptions/Handler.php: -------------------------------------------------------------------------------- 1 | reportable(function (Throwable $e) { 38 | // 39 | }); 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /config/cors.php: -------------------------------------------------------------------------------- 1 | ['api/*', 'sanctum/csrf-cookie'], 19 | 20 | 'allowed_methods' => ['*'], 21 | 22 | 'allowed_origins' => ['*'], 23 | 24 | 'allowed_origins_patterns' => [], 25 | 26 | 'allowed_headers' => ['*'], 27 | 28 | 'exposed_headers' => [], 29 | 30 | 'max_age' => 0, 31 | 32 | 'supports_credentials' => false, 33 | 34 | ]; 35 | -------------------------------------------------------------------------------- /app/Console/Kernel.php: -------------------------------------------------------------------------------- 1 | command('inspire')->hourly(); 28 | } 29 | 30 | /** 31 | * Register the commands for the application. 32 | * 33 | * @return void 34 | */ 35 | protected function commands() 36 | { 37 | $this->load(__DIR__.'/Commands'); 38 | 39 | require base_path('routes/console.php'); 40 | } 41 | } 42 | -------------------------------------------------------------------------------- /database/migrations/2019_08_19_000000_create_failed_jobs_table.php: -------------------------------------------------------------------------------- 1 | id(); 18 | $table->string('uuid')->unique(); 19 | $table->text('connection'); 20 | $table->text('queue'); 21 | $table->longText('payload'); 22 | $table->longText('exception'); 23 | $table->timestamp('failed_at')->useCurrent(); 24 | }); 25 | } 26 | 27 | /** 28 | * Reverse the migrations. 29 | * 30 | * @return void 31 | */ 32 | public function down() 33 | { 34 | Schema::dropIfExists('failed_jobs'); 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /database/migrations/2021_05_10_015649_create_sessions_table.php: -------------------------------------------------------------------------------- 1 | string('id')->primary(); 18 | $table->foreignId('user_id')->nullable()->index(); 19 | $table->string('ip_address', 45)->nullable(); 20 | $table->text('user_agent')->nullable(); 21 | $table->text('payload'); 22 | $table->integer('last_activity')->index(); 23 | }); 24 | } 25 | 26 | /** 27 | * Reverse the migrations. 28 | * 29 | * @return void 30 | */ 31 | public function down() 32 | { 33 | Schema::dropIfExists('sessions'); 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /tests/Feature/RegistrationTest.php: -------------------------------------------------------------------------------- 1 | get('/register'); 17 | 18 | $response->assertStatus(200); 19 | } 20 | 21 | public function test_new_users_can_register() 22 | { 23 | $response = $this->post('/register', [ 24 | 'name' => 'Test User', 25 | 'email' => 'test@example.com', 26 | 'password' => 'password', 27 | 'password_confirmation' => 'password', 28 | 'terms' => Jetstream::hasTermsAndPrivacyPolicyFeature(), 29 | ]); 30 | 31 | $this->assertAuthenticated(); 32 | $response->assertRedirect(RouteServiceProvider::HOME); 33 | } 34 | } 35 | -------------------------------------------------------------------------------- /.env.example: -------------------------------------------------------------------------------- 1 | APP_NAME='Admin-O-Matic' 2 | APP_ENV=local 3 | APP_KEY= 4 | APP_DEBUG=true 5 | APP_URL=http://localhost 6 | 7 | LOG_CHANNEL=stack 8 | LOG_LEVEL=debug 9 | 10 | DB_CONNECTION=mysql 11 | DB_HOST=127.0.0.1 12 | DB_PORT=3306 13 | DB_DATABASE=admin_o_matic 14 | DB_USERNAME=root 15 | DB_PASSWORD= 16 | 17 | BROADCAST_DRIVER=log 18 | CACHE_DRIVER=file 19 | QUEUE_CONNECTION=sync 20 | SESSION_DRIVER=database 21 | SESSION_LIFETIME=120 22 | 23 | MEMCACHED_HOST=127.0.0.1 24 | 25 | REDIS_HOST=127.0.0.1 26 | REDIS_PASSWORD=null 27 | REDIS_PORT=6379 28 | 29 | MAIL_MAILER=smtp 30 | MAIL_HOST=mailhog 31 | MAIL_PORT=1025 32 | MAIL_USERNAME=null 33 | MAIL_PASSWORD=null 34 | MAIL_ENCRYPTION=null 35 | MAIL_FROM_ADDRESS=null 36 | MAIL_FROM_NAME="${APP_NAME}" 37 | 38 | AWS_ACCESS_KEY_ID= 39 | AWS_SECRET_ACCESS_KEY= 40 | AWS_DEFAULT_REGION=us-east-1 41 | AWS_BUCKET= 42 | 43 | PUSHER_APP_ID= 44 | PUSHER_APP_KEY= 45 | PUSHER_APP_SECRET= 46 | PUSHER_APP_CLUSTER=mt1 47 | 48 | MIX_PUSHER_APP_KEY="${PUSHER_APP_KEY}" 49 | MIX_PUSHER_APP_CLUSTER="${PUSHER_APP_CLUSTER}" 50 | -------------------------------------------------------------------------------- /resources/js/Jetstream/DialogModal.vue: -------------------------------------------------------------------------------- 1 | 24 | 25 | 44 | -------------------------------------------------------------------------------- /database/seeders/UserTableSeeder.php: -------------------------------------------------------------------------------- 1 | 'Test '.$i, 22 | 'email' => 'test'.$i.'@test.com', 23 | 'is_admin' => 0, 24 | 'email_verified_at' => now(), 25 | 'password' => '$2y$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi', // password 26 | 'remember_token' => Str::random(10), 27 | ]); 28 | $role = Role::where('id', 5)->first(); 29 | $permission = Permission::where('name', 'N/A')->first(); 30 | $user->syncRoles($role)->syncPermissions($permission); 31 | } 32 | } 33 | } 34 | -------------------------------------------------------------------------------- /config/services.php: -------------------------------------------------------------------------------- 1 | [ 18 | 'domain' => env('MAILGUN_DOMAIN'), 19 | 'secret' => env('MAILGUN_SECRET'), 20 | 'endpoint' => env('MAILGUN_ENDPOINT', 'api.mailgun.net'), 21 | ], 22 | 23 | 'postmark' => [ 24 | 'token' => env('POSTMARK_TOKEN'), 25 | ], 26 | 27 | 'ses' => [ 28 | 'key' => env('AWS_ACCESS_KEY_ID'), 29 | 'secret' => env('AWS_SECRET_ACCESS_KEY'), 30 | 'region' => env('AWS_DEFAULT_REGION', 'us-east-1'), 31 | ], 32 | 33 | ]; 34 | -------------------------------------------------------------------------------- /database/migrations/2019_12_14_000001_create_personal_access_tokens_table.php: -------------------------------------------------------------------------------- 1 | bigIncrements('id'); 18 | $table->morphs('tokenable'); 19 | $table->string('name'); 20 | $table->string('token', 64)->unique(); 21 | $table->text('abilities')->nullable(); 22 | $table->timestamp('last_used_at')->nullable(); 23 | $table->timestamps(); 24 | }); 25 | } 26 | 27 | /** 28 | * Reverse the migrations. 29 | * 30 | * @return void 31 | */ 32 | public function down() 33 | { 34 | Schema::dropIfExists('personal_access_tokens'); 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /resources/js/Jetstream/ResponsiveNavLink.vue: -------------------------------------------------------------------------------- 1 | 12 | 13 | 26 | -------------------------------------------------------------------------------- /database/migrations/2014_10_12_200000_add_two_factor_columns_to_users_table.php: -------------------------------------------------------------------------------- 1 | text('two_factor_secret') 18 | ->after('password') 19 | ->nullable(); 20 | 21 | $table->text('two_factor_recovery_codes') 22 | ->after('two_factor_secret') 23 | ->nullable(); 24 | }); 25 | } 26 | 27 | /** 28 | * Reverse the migrations. 29 | * 30 | * @return void 31 | */ 32 | public function down() 33 | { 34 | Schema::table('users', function (Blueprint $table) { 35 | $table->dropColumn('two_factor_secret', 'two_factor_recovery_codes'); 36 | }); 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /tests/Feature/DeleteApiTokenTest.php: -------------------------------------------------------------------------------- 1 | markTestSkipped('API support is not enabled.'); 19 | } 20 | 21 | if (Features::hasTeamFeatures()) { 22 | $this->actingAs($user = User::factory()->withPersonalTeam()->create()); 23 | } else { 24 | $this->actingAs($user = User::factory()->create()); 25 | } 26 | 27 | $token = $user->tokens()->create([ 28 | 'name' => 'Test Token', 29 | 'token' => Str::random(40), 30 | 'abilities' => ['create', 'read'], 31 | ]); 32 | 33 | $response = $this->delete('/user/api-tokens/'.$token->id); 34 | 35 | $this->assertCount(0, $user->fresh()->tokens); 36 | } 37 | } 38 | -------------------------------------------------------------------------------- /app/Providers/JetstreamServiceProvider.php: -------------------------------------------------------------------------------- 1 | configurePermissions(); 29 | 30 | Jetstream::deleteUsersUsing(DeleteUser::class); 31 | } 32 | 33 | /** 34 | * Configure the permissions that are available within the application. 35 | * 36 | * @return void 37 | */ 38 | protected function configurePermissions() 39 | { 40 | Jetstream::defaultApiTokenPermissions(['read']); 41 | 42 | Jetstream::permissions([ 43 | 'create', 44 | 'read', 45 | 'update', 46 | 'delete', 47 | ]); 48 | } 49 | } 50 | -------------------------------------------------------------------------------- /resources/js/app.js: -------------------------------------------------------------------------------- 1 | require('./bootstrap'); 2 | 3 | window.Toast = Swal.mixin({ 4 | toast: true, 5 | position: 'top-end', 6 | showConfirmButton: false, 7 | timer: 3000, 8 | timerProgressBar: false, 9 | didOpen: (toast) => { 10 | toast.addEventListener('mouseenter', Swal.stopTimer) 11 | toast.addEventListener('mouseleave', Swal.resumeTimer) 12 | } 13 | }) 14 | 15 | // Import modules... 16 | import { createApp, h } from 'vue'; 17 | import { App as InertiaApp, plugin as InertiaPlugin } from '@inertiajs/inertia-vue3'; 18 | import { InertiaProgress } from '@inertiajs/progress'; 19 | 20 | // Import components... 21 | import Multiselect from '@suadelabs/vue3-multiselect' 22 | 23 | const el = document.getElementById('app'); 24 | 25 | createApp({ 26 | render: () => 27 | h(InertiaApp, { 28 | initialPage: JSON.parse(el.dataset.page), 29 | resolveComponent: (name) => require(`./Pages/${name}`).default, 30 | }), 31 | }) 32 | .mixin({ methods: { route } }) 33 | .use(InertiaPlugin) 34 | .component('multiselect', Multiselect) 35 | .mount(el); 36 | 37 | InertiaProgress.init({ color: '#4B5563' }); 38 | -------------------------------------------------------------------------------- /database/migrations/2014_10_12_000000_create_users_table.php: -------------------------------------------------------------------------------- 1 | id(); 18 | $table->string('name'); 19 | $table->boolean('is_admin')->default(0); 20 | $table->string('email')->unique(); 21 | $table->timestamp('email_verified_at')->nullable(); 22 | $table->string('password'); 23 | $table->rememberToken(); 24 | $table->foreignId('current_team_id')->nullable(); 25 | $table->text('profile_photo_path')->nullable(); 26 | $table->timestamps(); 27 | }); 28 | } 29 | 30 | /** 31 | * Reverse the migrations. 32 | * 33 | * @return void 34 | */ 35 | public function down() 36 | { 37 | Schema::dropIfExists('users'); 38 | } 39 | } 40 | -------------------------------------------------------------------------------- /app/Actions/Fortify/CreateNewUser.php: -------------------------------------------------------------------------------- 1 | ['required', 'string', 'max:255'], 25 | 'email' => ['required', 'string', 'email', 'max:255', 'unique:users'], 26 | 'password' => $this->passwordRules(), 27 | 'terms' => Jetstream::hasTermsAndPrivacyPolicyFeature() ? ['required', 'accepted'] : '', 28 | ])->validate(); 29 | 30 | return User::create([ 31 | 'name' => $input['name'], 32 | 'email' => $input['email'], 33 | 'password' => Hash::make($input['password']), 34 | ]); 35 | } 36 | } 37 | -------------------------------------------------------------------------------- /config/view.php: -------------------------------------------------------------------------------- 1 | [ 17 | resource_path('views'), 18 | ], 19 | 20 | /* 21 | |-------------------------------------------------------------------------- 22 | | Compiled View Path 23 | |-------------------------------------------------------------------------- 24 | | 25 | | This option determines where all the compiled Blade templates will be 26 | | stored for your application. Typically, this is within the storage 27 | | directory. However, as usual, you are free to change this value. 28 | | 29 | */ 30 | 31 | 'compiled' => env( 32 | 'VIEW_COMPILED_PATH', 33 | realpath(storage_path('framework/views')) 34 | ), 35 | 36 | ]; 37 | -------------------------------------------------------------------------------- /resources/js/Jetstream/FormSection.vue: -------------------------------------------------------------------------------- 1 | 29 | 30 | 47 | -------------------------------------------------------------------------------- /tests/Feature/AuthenticationTest.php: -------------------------------------------------------------------------------- 1 | get('/login'); 17 | 18 | $response->assertStatus(200); 19 | } 20 | 21 | public function test_users_can_authenticate_using_the_login_screen() 22 | { 23 | $user = User::factory()->create(); 24 | 25 | $response = $this->post('/login', [ 26 | 'email' => $user->email, 27 | 'password' => 'password', 28 | ]); 29 | 30 | $this->assertAuthenticated(); 31 | $response->assertRedirect(RouteServiceProvider::HOME); 32 | } 33 | 34 | public function test_users_can_not_authenticate_with_invalid_password() 35 | { 36 | $user = User::factory()->create(); 37 | 38 | $this->post('/login', [ 39 | 'email' => $user->email, 40 | 'password' => 'wrong-password', 41 | ]); 42 | 43 | $this->assertGuest(); 44 | } 45 | } 46 | -------------------------------------------------------------------------------- /app/Actions/Fortify/UpdateUserPassword.php: -------------------------------------------------------------------------------- 1 | ['required', 'string'], 24 | 'password' => $this->passwordRules(), 25 | ])->after(function ($validator) use ($user, $input) { 26 | if (! isset($input['current_password']) || ! Hash::check($input['current_password'], $user->password)) { 27 | $validator->errors()->add('current_password', __('The provided password does not match your current password.')); 28 | } 29 | })->validateWithBag('updatePassword'); 30 | 31 | $user->forceFill([ 32 | 'password' => Hash::make($input['password']), 33 | ])->save(); 34 | } 35 | } 36 | -------------------------------------------------------------------------------- /public/web.config: -------------------------------------------------------------------------------- 1 | 6 | 7 | 8 | 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | -------------------------------------------------------------------------------- /tests/Feature/DeleteAccountTest.php: -------------------------------------------------------------------------------- 1 | markTestSkipped('Account deletion is not enabled.'); 18 | } 19 | 20 | $this->actingAs($user = User::factory()->create()); 21 | 22 | $response = $this->delete('/user', [ 23 | 'password' => 'password', 24 | ]); 25 | 26 | $this->assertNull($user->fresh()); 27 | } 28 | 29 | public function test_correct_password_must_be_provided_before_account_can_be_deleted() 30 | { 31 | if (! Features::hasAccountDeletionFeatures()) { 32 | return $this->markTestSkipped('Account deletion is not enabled.'); 33 | } 34 | 35 | $this->actingAs($user = User::factory()->create()); 36 | 37 | $response = $this->delete('/user', [ 38 | 'password' => 'wrong-password', 39 | ]); 40 | 41 | $this->assertNotNull($user->fresh()); 42 | } 43 | } 44 | -------------------------------------------------------------------------------- /package.json: -------------------------------------------------------------------------------- 1 | { 2 | "private": true, 3 | "scripts": { 4 | "dev": "npm run development", 5 | "development": "mix", 6 | "watch": "mix watch", 7 | "watch-poll": "mix watch -- --watch-options-poll=1000", 8 | "hot": "mix watch --hot", 9 | "prod": "npm run production", 10 | "production": "mix --production" 11 | }, 12 | "devDependencies": { 13 | "@inertiajs/inertia": "^0.8.2", 14 | "@inertiajs/inertia-vue3": "^0.3.5", 15 | "@inertiajs/progress": "^0.2.4", 16 | "@tailwindcss/forms": "^0.2.1", 17 | "@tailwindcss/typography": "^0.3.0", 18 | "@vue/compiler-sfc": "^3.0.5", 19 | "alpinejs": "^2.7.3", 20 | "axios": "^0.21", 21 | "bootstrap": "^4.6.0", 22 | "jquery": "^3.5.1", 23 | "laravel-mix": "^6.0.6", 24 | "lodash": "^4.17.19", 25 | "popper.js": "^1.16.1", 26 | "postcss": "^8.1.14", 27 | "postcss-import": "^12.0.1", 28 | "resolve-url-loader": "^3.1.2", 29 | "sass": "^1.32.12", 30 | "sass-loader": "^11.0.1", 31 | "tailwindcss": "^2.0.1", 32 | "vue": "^3.0.5", 33 | "vue-loader": "^16.1.2" 34 | }, 35 | "dependencies": { 36 | "@suadelabs/vue3-multiselect": "^1.0.0" 37 | } 38 | } 39 | -------------------------------------------------------------------------------- /tests/Feature/CreateApiTokenTest.php: -------------------------------------------------------------------------------- 1 | markTestSkipped('API support is not enabled.'); 18 | } 19 | 20 | if (Features::hasTeamFeatures()) { 21 | $this->actingAs($user = User::factory()->withPersonalTeam()->create()); 22 | } else { 23 | $this->actingAs($user = User::factory()->create()); 24 | } 25 | 26 | $response = $this->post('/user/api-tokens', [ 27 | 'name' => 'Test Token', 28 | 'permissions' => [ 29 | 'read', 30 | 'update', 31 | ], 32 | ]); 33 | 34 | $this->assertCount(1, $user->fresh()->tokens); 35 | $this->assertEquals('Test Token', $user->fresh()->tokens->first()->name); 36 | $this->assertTrue($user->fresh()->tokens->first()->can('read')); 37 | $this->assertFalse($user->fresh()->tokens->first()->can('delete')); 38 | } 39 | } 40 | -------------------------------------------------------------------------------- /phpunit.xml: -------------------------------------------------------------------------------- 1 | 2 | 7 | 8 | 9 | ./tests/Unit 10 | 11 | 12 | ./tests/Feature 13 | 14 | 15 | 16 | 17 | ./app 18 | 19 | 20 | 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | -------------------------------------------------------------------------------- /database/factories/UserFactory.php: -------------------------------------------------------------------------------- 1 | $this->faker->name(), 27 | 'email' => $this->faker->unique()->safeEmail(), 28 | 'is_admin' => 0, 29 | 'email_verified_at' => now(), 30 | 'password' => '$2y$10$92IXUNpkjO0rOQ5byMi.Ye4oKoEa3Ro9llC/.og/at2.uheWG/igi', // password 31 | 'remember_token' => Str::random(10), 32 | ]; 33 | } 34 | 35 | /** 36 | * Indicate that the model's email address should be unverified. 37 | * 38 | * @return \Illuminate\Database\Eloquent\Factories\Factory 39 | */ 40 | public function unverified() 41 | { 42 | return $this->state(function (array $attributes) { 43 | return [ 44 | 'email_verified_at' => null, 45 | ]; 46 | }); 47 | } 48 | } 49 | -------------------------------------------------------------------------------- /resources/js/bootstrap.js: -------------------------------------------------------------------------------- 1 | window._ = require('lodash'); 2 | 3 | /** 4 | * We'll load jQuery and the Bootstrap jQuery plugin which provides support 5 | * for JavaScript based Bootstrap features such as modals and tabs. This 6 | * code may be modified to fit the specific needs of your application. 7 | */ 8 | 9 | try { 10 | window.Popper = require('popper.js').default; 11 | window.$ = window.jQuery = require('jquery'); 12 | 13 | require('bootstrap'); 14 | } catch (e) {} 15 | 16 | /** 17 | * We'll load the axios HTTP library which allows us to easily issue requests 18 | * to our Laravel back-end. This library automatically handles sending the 19 | * CSRF token as a header based on the value of the "XSRF" token cookie. 20 | */ 21 | 22 | window.axios = require('axios'); 23 | 24 | window.axios.defaults.headers.common['X-Requested-With'] = 'XMLHttpRequest'; 25 | 26 | /** 27 | * Echo exposes an expressive API for subscribing to channels and listening 28 | * for events that are broadcast by Laravel. Echo and event broadcasting 29 | * allows your team to easily build robust real-time web applications. 30 | */ 31 | 32 | // import Echo from 'laravel-echo'; 33 | 34 | // window.Pusher = require('pusher-js'); 35 | 36 | // window.Echo = new Echo({ 37 | // broadcaster: 'pusher', 38 | // key: process.env.MIX_PUSHER_APP_KEY, 39 | // cluster: process.env.MIX_PUSHER_APP_CLUSTER, 40 | // forceTLS: true 41 | // }); -------------------------------------------------------------------------------- /tests/Feature/PasswordConfirmationTest.php: -------------------------------------------------------------------------------- 1 | withPersonalTeam()->create() 18 | : User::factory()->create(); 19 | 20 | $response = $this->actingAs($user)->get('/user/confirm-password'); 21 | 22 | $response->assertStatus(200); 23 | } 24 | 25 | public function test_password_can_be_confirmed() 26 | { 27 | $user = User::factory()->create(); 28 | 29 | $response = $this->actingAs($user)->post('/user/confirm-password', [ 30 | 'password' => 'password', 31 | ]); 32 | 33 | $response->assertRedirect(); 34 | $response->assertSessionHasNoErrors(); 35 | } 36 | 37 | public function test_password_is_not_confirmed_with_invalid_password() 38 | { 39 | $user = User::factory()->create(); 40 | 41 | $response = $this->actingAs($user)->post('/user/confirm-password', [ 42 | 'password' => 'wrong-password', 43 | ]); 44 | 45 | $response->assertSessionHasErrors(); 46 | } 47 | } 48 | -------------------------------------------------------------------------------- /resources/js/Jetstream/ConfirmationModal.vue: -------------------------------------------------------------------------------- 1 | 30 | 31 | 50 | -------------------------------------------------------------------------------- /app/Providers/FortifyServiceProvider.php: -------------------------------------------------------------------------------- 1 | by($request->email.$request->ip()); 41 | }); 42 | 43 | RateLimiter::for('two-factor', function (Request $request) { 44 | return Limit::perMinute(5)->by($request->session()->get('login.id')); 45 | }); 46 | } 47 | } 48 | -------------------------------------------------------------------------------- /tests/Feature/ApiTokenPermissionsTest.php: -------------------------------------------------------------------------------- 1 | markTestSkipped('API support is not enabled.'); 19 | } 20 | 21 | if (Features::hasTeamFeatures()) { 22 | $this->actingAs($user = User::factory()->withPersonalTeam()->create()); 23 | } else { 24 | $this->actingAs($user = User::factory()->create()); 25 | } 26 | 27 | $token = $user->tokens()->create([ 28 | 'name' => 'Test Token', 29 | 'token' => Str::random(40), 30 | 'abilities' => ['create', 'read'], 31 | ]); 32 | 33 | $response = $this->put('/user/api-tokens/'.$token->id, [ 34 | 'name' => $token->name, 35 | 'permissions' => [ 36 | 'delete', 37 | 'missing-permission', 38 | ], 39 | ]); 40 | 41 | $this->assertTrue($user->fresh()->tokens->first()->can('delete')); 42 | $this->assertFalse($user->fresh()->tokens->first()->can('read')); 43 | $this->assertFalse($user->fresh()->tokens->first()->can('missing-permission')); 44 | } 45 | } 46 | -------------------------------------------------------------------------------- /app/Http/Middleware/HandleInertiaRequests.php: -------------------------------------------------------------------------------- 1 | function() { 40 | $user = auth()->user(); 41 | return $user ? [ 42 | 'hasRole' => [ 43 | 'superAdmin' => $user->hasRole(['super-admin']), 44 | 'admin' => $user->hasRole('admin'), 45 | 'moderator' => $user->hasRole('moderator'), 46 | 'developer' => $user->hasRole('developer'), 47 | ] 48 | ] : null; 49 | }, 50 | ]); 51 | } 52 | } 53 | -------------------------------------------------------------------------------- /resources/views/app.blade.php: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | {{ config('app.name', 'Laravel') }} 9 | 10 | 11 | 12 | 13 | 14 | 15 | 16 | 17 | 18 | 19 | 20 | @routes 21 | 22 | 23 | 24 | 25 | 26 | 27 | 28 | 29 | @inertia 30 | 31 | 32 | -------------------------------------------------------------------------------- /config/hashing.php: -------------------------------------------------------------------------------- 1 | 'bcrypt', 19 | 20 | /* 21 | |-------------------------------------------------------------------------- 22 | | Bcrypt Options 23 | |-------------------------------------------------------------------------- 24 | | 25 | | Here you may specify the configuration options that should be used when 26 | | passwords are hashed using the Bcrypt algorithm. This will allow you 27 | | to control the amount of time it takes to hash the given password. 28 | | 29 | */ 30 | 31 | 'bcrypt' => [ 32 | 'rounds' => env('BCRYPT_ROUNDS', 10), 33 | ], 34 | 35 | /* 36 | |-------------------------------------------------------------------------- 37 | | Argon Options 38 | |-------------------------------------------------------------------------- 39 | | 40 | | Here you may specify the configuration options that should be used when 41 | | passwords are hashed using the Argon algorithm. These will allow you 42 | | to control the amount of time it takes to hash the given password. 43 | | 44 | */ 45 | 46 | 'argon' => [ 47 | 'memory' => 1024, 48 | 'threads' => 2, 49 | 'time' => 2, 50 | ], 51 | 52 | ]; 53 | -------------------------------------------------------------------------------- /resources/js/Pages/Profile/Show.vue: -------------------------------------------------------------------------------- 1 | 36 | 37 | 60 | -------------------------------------------------------------------------------- /app/Models/User.php: -------------------------------------------------------------------------------- 1 | 'datetime', 54 | 'created_at' => 'datetime:d-M-Y' 55 | ]; 56 | 57 | /** 58 | * The accessors to append to the model's array form. 59 | * 60 | * @var array 61 | */ 62 | protected $appends = [ 63 | 'profile_photo_url', 64 | ]; 65 | 66 | /** 67 | * The relationships that should always be loaded. 68 | * 69 | * @var array 70 | */ 71 | protected $with = ['roles']; 72 | } 73 | -------------------------------------------------------------------------------- /tests/Feature/UpdatePasswordTest.php: -------------------------------------------------------------------------------- 1 | actingAs($user = User::factory()->create()); 17 | 18 | $response = $this->put('/user/password', [ 19 | 'current_password' => 'password', 20 | 'password' => 'new-password', 21 | 'password_confirmation' => 'new-password', 22 | ]); 23 | 24 | $this->assertTrue(Hash::check('new-password', $user->fresh()->password)); 25 | } 26 | 27 | public function test_current_password_must_be_correct() 28 | { 29 | $this->actingAs($user = User::factory()->create()); 30 | 31 | $response = $this->put('/user/password', [ 32 | 'current_password' => 'wrong-password', 33 | 'password' => 'new-password', 34 | 'password_confirmation' => 'new-password', 35 | ]); 36 | 37 | $response->assertSessionHasErrors(); 38 | 39 | $this->assertTrue(Hash::check('password', $user->fresh()->password)); 40 | } 41 | 42 | public function test_new_passwords_must_match() 43 | { 44 | $this->actingAs($user = User::factory()->create()); 45 | 46 | $response = $this->put('/user/password', [ 47 | 'current_password' => 'password', 48 | 'password' => 'new-password', 49 | 'password_confirmation' => 'wrong-password', 50 | ]); 51 | 52 | $response->assertSessionHasErrors(); 53 | 54 | $this->assertTrue(Hash::check('password', $user->fresh()->password)); 55 | } 56 | } 57 | -------------------------------------------------------------------------------- /bootstrap/app.php: -------------------------------------------------------------------------------- 1 | singleton( 30 | Illuminate\Contracts\Http\Kernel::class, 31 | App\Http\Kernel::class 32 | ); 33 | 34 | $app->singleton( 35 | Illuminate\Contracts\Console\Kernel::class, 36 | App\Console\Kernel::class 37 | ); 38 | 39 | $app->singleton( 40 | Illuminate\Contracts\Debug\ExceptionHandler::class, 41 | App\Exceptions\Handler::class 42 | ); 43 | 44 | /* 45 | |-------------------------------------------------------------------------- 46 | | Return The Application 47 | |-------------------------------------------------------------------------- 48 | | 49 | | This script returns the application instance. The instance is given to 50 | | the calling script so we can separate the building of the instances 51 | | from the actual running of the application and sending responses. 52 | | 53 | */ 54 | 55 | return $app; 56 | -------------------------------------------------------------------------------- /artisan: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env php 2 | make(Illuminate\Contracts\Console\Kernel::class); 34 | 35 | $status = $kernel->handle( 36 | $input = new Symfony\Component\Console\Input\ArgvInput, 37 | new Symfony\Component\Console\Output\ConsoleOutput 38 | ); 39 | 40 | /* 41 | |-------------------------------------------------------------------------- 42 | | Shutdown The Application 43 | |-------------------------------------------------------------------------- 44 | | 45 | | Once Artisan has finished running, we will fire off the shutdown events 46 | | so that any final work may be done by the application before we shut 47 | | down the process. This is the last thing to happen to the request. 48 | | 49 | */ 50 | 51 | $kernel->terminate($input, $status); 52 | 53 | exit($status); 54 | -------------------------------------------------------------------------------- /config/sanctum.php: -------------------------------------------------------------------------------- 1 | explode(',', env( 17 | 'SANCTUM_STATEFUL_DOMAINS', 18 | 'localhost,localhost:3000,127.0.0.1,127.0.0.1:8000,::1,'.parse_url(env('APP_URL'), PHP_URL_HOST) 19 | )), 20 | 21 | /* 22 | |-------------------------------------------------------------------------- 23 | | Expiration Minutes 24 | |-------------------------------------------------------------------------- 25 | | 26 | | This value controls the number of minutes until an issued token will be 27 | | considered expired. If this value is null, personal access tokens do 28 | | not expire. This won't tweak the lifetime of first-party sessions. 29 | | 30 | */ 31 | 32 | 'expiration' => null, 33 | 34 | /* 35 | |-------------------------------------------------------------------------- 36 | | Sanctum Middleware 37 | |-------------------------------------------------------------------------- 38 | | 39 | | When authenticating your first-party SPA with Sanctum you may need to 40 | | customize some of the middleware Sanctum uses while processing the 41 | | request. You may change the middleware listed below as required. 42 | | 43 | */ 44 | 45 | 'middleware' => [ 46 | 'verify_csrf_token' => App\Http\Middleware\VerifyCsrfToken::class, 47 | 'encrypt_cookies' => App\Http\Middleware\EncryptCookies::class, 48 | ], 49 | 50 | ]; 51 | -------------------------------------------------------------------------------- /tests/Feature/TwoFactorAuthenticationSettingsTest.php: -------------------------------------------------------------------------------- 1 | actingAs($user = User::factory()->create()); 16 | 17 | $this->withSession(['auth.password_confirmed_at' => time()]); 18 | 19 | $response = $this->post('/user/two-factor-authentication'); 20 | 21 | $this->assertNotNull($user->fresh()->two_factor_secret); 22 | $this->assertCount(8, $user->fresh()->recoveryCodes()); 23 | } 24 | 25 | public function test_recovery_codes_can_be_regenerated() 26 | { 27 | $this->actingAs($user = User::factory()->create()); 28 | 29 | $this->withSession(['auth.password_confirmed_at' => time()]); 30 | 31 | $this->post('/user/two-factor-authentication'); 32 | $this->post('/user/two-factor-recovery-codes'); 33 | 34 | $user = $user->fresh(); 35 | 36 | $this->post('/user/two-factor-recovery-codes'); 37 | 38 | $this->assertCount(8, $user->recoveryCodes()); 39 | $this->assertCount(8, array_diff($user->recoveryCodes(), $user->fresh()->recoveryCodes())); 40 | } 41 | 42 | public function test_two_factor_authentication_can_be_disabled() 43 | { 44 | $this->actingAs($user = User::factory()->create()); 45 | 46 | $this->withSession(['auth.password_confirmed_at' => time()]); 47 | 48 | $this->post('/user/two-factor-authentication'); 49 | 50 | $this->assertNotNull($user->fresh()->two_factor_secret); 51 | 52 | $this->delete('/user/two-factor-authentication'); 53 | 54 | $this->assertNull($user->fresh()->two_factor_secret); 55 | } 56 | } 57 | -------------------------------------------------------------------------------- /resources/js/Pages/Auth/ConfirmPassword.vue: -------------------------------------------------------------------------------- 1 | 30 | 31 | 66 | -------------------------------------------------------------------------------- /public/index.php: -------------------------------------------------------------------------------- 1 | make(Kernel::class); 50 | 51 | $response = tap($kernel->handle( 52 | $request = Request::capture() 53 | ))->send(); 54 | 55 | $kernel->terminate($request, $response); 56 | -------------------------------------------------------------------------------- /routes/web.php: -------------------------------------------------------------------------------- 1 | Route::has('login'), 26 | 'canRegister' => Route::has('register'), 27 | 'laravelVersion' => Application::VERSION, 28 | 'phpVersion' => PHP_VERSION, 29 | ]); 30 | }); 31 | 32 | Route::middleware(['auth:sanctum', 'verified'])->get('/dashboard', function () { 33 | return Inertia::render('Dashboard'); 34 | })->name('dashboard'); 35 | 36 | Route::prefix('admin')->name('admin.')->middleware(['auth:sanctum', 'verified', 'role: super-admin|admin|moderator|developer'])->group(function() { 37 | Route::get('dashboard', [AdminDashboardController::class, 'index'])->name('dashboard.index'); 38 | 39 | Route::resource('admins', AdminController::class)->parameters(['admins' => 'user'])->only(['index', 'update']); 40 | Route::resource('users', UserController::class)->except(['create', 'show', 'edit']); 41 | Route::resource('permissions', PermissionController::class)->except(['create', 'show', 'edit']); 42 | Route::resource('roles', RoleController::class)->except(['create', 'show', 'edit']); 43 | }); 44 | -------------------------------------------------------------------------------- /app/Providers/RouteServiceProvider.php: -------------------------------------------------------------------------------- 1 | configureRateLimiting(); 39 | 40 | $this->routes(function () { 41 | Route::prefix('api') 42 | ->middleware('api') 43 | ->namespace($this->namespace) 44 | ->group(base_path('routes/api.php')); 45 | 46 | Route::middleware('web') 47 | ->namespace($this->namespace) 48 | ->group(base_path('routes/web.php')); 49 | }); 50 | } 51 | 52 | /** 53 | * Configure the rate limiters for the application. 54 | * 55 | * @return void 56 | */ 57 | protected function configureRateLimiting() 58 | { 59 | RateLimiter::for('api', function (Request $request) { 60 | return Limit::perMinute(60)->by(optional($request->user())->id ?: $request->ip()); 61 | }); 62 | } 63 | } 64 | -------------------------------------------------------------------------------- /config/broadcasting.php: -------------------------------------------------------------------------------- 1 | env('BROADCAST_DRIVER', 'null'), 19 | 20 | /* 21 | |-------------------------------------------------------------------------- 22 | | Broadcast Connections 23 | |-------------------------------------------------------------------------- 24 | | 25 | | Here you may define all of the broadcast connections that will be used 26 | | to broadcast events to other systems or over websockets. Samples of 27 | | each available type of connection are provided inside this array. 28 | | 29 | */ 30 | 31 | 'connections' => [ 32 | 33 | 'pusher' => [ 34 | 'driver' => 'pusher', 35 | 'key' => env('PUSHER_APP_KEY'), 36 | 'secret' => env('PUSHER_APP_SECRET'), 37 | 'app_id' => env('PUSHER_APP_ID'), 38 | 'options' => [ 39 | 'cluster' => env('PUSHER_APP_CLUSTER'), 40 | 'useTLS' => true, 41 | ], 42 | ], 43 | 44 | 'ably' => [ 45 | 'driver' => 'ably', 46 | 'key' => env('ABLY_KEY'), 47 | ], 48 | 49 | 'redis' => [ 50 | 'driver' => 'redis', 51 | 'connection' => 'default', 52 | ], 53 | 54 | 'log' => [ 55 | 'driver' => 'log', 56 | ], 57 | 58 | 'null' => [ 59 | 'driver' => 'null', 60 | ], 61 | 62 | ], 63 | 64 | ]; 65 | -------------------------------------------------------------------------------- /app/Actions/Fortify/UpdateUserProfileInformation.php: -------------------------------------------------------------------------------- 1 | ['required', 'string', 'max:255'], 23 | 'email' => ['required', 'email', 'max:255', Rule::unique('users')->ignore($user->id)], 24 | 'photo' => ['nullable', 'mimes:jpg,jpeg,png', 'max:1024'], 25 | ])->validateWithBag('updateProfileInformation'); 26 | 27 | if (isset($input['photo'])) { 28 | $user->updateProfilePhoto($input['photo']); 29 | } 30 | 31 | if ($input['email'] !== $user->email && 32 | $user instanceof MustVerifyEmail) { 33 | $this->updateVerifiedUser($user, $input); 34 | } else { 35 | $user->forceFill([ 36 | 'name' => $input['name'], 37 | 'email' => $input['email'], 38 | ])->save(); 39 | } 40 | } 41 | 42 | /** 43 | * Update the given verified user's profile information. 44 | * 45 | * @param mixed $user 46 | * @param array $input 47 | * @return void 48 | */ 49 | protected function updateVerifiedUser($user, array $input) 50 | { 51 | $user->forceFill([ 52 | 'name' => $input['name'], 53 | 'email' => $input['email'], 54 | 'email_verified_at' => null, 55 | ])->save(); 56 | 57 | $user->sendEmailVerificationNotification(); 58 | } 59 | } 60 | -------------------------------------------------------------------------------- /resources/js/Pages/Auth/VerifyEmail.vue: -------------------------------------------------------------------------------- 1 | 28 | 29 | 64 | -------------------------------------------------------------------------------- /resources/js/Pages/Auth/ForgotPassword.vue: -------------------------------------------------------------------------------- 1 | 33 | 34 | 71 | -------------------------------------------------------------------------------- /composer.json: -------------------------------------------------------------------------------- 1 | { 2 | "name": "laravel/laravel", 3 | "type": "project", 4 | "description": "The Laravel Framework.", 5 | "keywords": ["framework", "laravel"], 6 | "license": "MIT", 7 | "require": { 8 | "php": "^7.3|^8.0", 9 | "fideloper/proxy": "^4.4", 10 | "fruitcake/laravel-cors": "^2.0", 11 | "guzzlehttp/guzzle": "^7.0.1", 12 | "inertiajs/inertia-laravel": "^0.3.5", 13 | "laravel/framework": "^8.12", 14 | "laravel/jetstream": "^2.3", 15 | "laravel/sanctum": "^2.6", 16 | "laravel/tinker": "^2.5", 17 | "spatie/laravel-permission": "^4.0", 18 | "tightenco/ziggy": "^1.0" 19 | }, 20 | "require-dev": { 21 | "facade/ignition": "^2.5", 22 | "fakerphp/faker": "^1.9.1", 23 | "laravel/sail": "^1.0.1", 24 | "mockery/mockery": "^1.4.2", 25 | "nascent-africa/jetstrap": "^2.4", 26 | "nunomaduro/collision": "^5.0", 27 | "phpunit/phpunit": "^9.3.3" 28 | }, 29 | "autoload": { 30 | "psr-4": { 31 | "App\\": "app/", 32 | "Database\\Factories\\": "database/factories/", 33 | "Database\\Seeders\\": "database/seeders/" 34 | } 35 | }, 36 | "autoload-dev": { 37 | "psr-4": { 38 | "Tests\\": "tests/" 39 | } 40 | }, 41 | "scripts": { 42 | "post-autoload-dump": [ 43 | "Illuminate\\Foundation\\ComposerScripts::postAutoloadDump", 44 | "@php artisan package:discover --ansi" 45 | ], 46 | "post-root-package-install": [ 47 | "@php -r \"file_exists('.env') || copy('.env.example', '.env');\"" 48 | ], 49 | "post-create-project-cmd": [ 50 | "@php artisan key:generate --ansi" 51 | ] 52 | }, 53 | "extra": { 54 | "laravel": { 55 | "dont-discover": [] 56 | } 57 | }, 58 | "config": { 59 | "optimize-autoloader": true, 60 | "preferred-install": "dist", 61 | "sort-packages": true 62 | }, 63 | "minimum-stability": "dev", 64 | "prefer-stable": true 65 | } 66 | -------------------------------------------------------------------------------- /app/Http/Controllers/Admins/AdminDashboardController.php: -------------------------------------------------------------------------------- 1 | subDays(3); 21 | return Inertia::render('Admins/Dashboard', [ 22 | 'users' => User::where('is_admin', 0)->whereDate('created_at', '>', $ago)->count() 23 | ]); 24 | } 25 | 26 | /** 27 | * Show the form for creating a new resource. 28 | * 29 | * @return \Illuminate\Http\Response 30 | */ 31 | public function create() 32 | { 33 | // 34 | } 35 | 36 | /** 37 | * Store a newly created resource in storage. 38 | * 39 | * @param \Illuminate\Http\Request $request 40 | * @return \Illuminate\Http\Response 41 | */ 42 | public function store(Request $request) 43 | { 44 | // 45 | } 46 | 47 | /** 48 | * Display the specified resource. 49 | * 50 | * @param int $id 51 | * @return \Illuminate\Http\Response 52 | */ 53 | public function show($id) 54 | { 55 | // 56 | } 57 | 58 | /** 59 | * Show the form for editing the specified resource. 60 | * 61 | * @param int $id 62 | * @return \Illuminate\Http\Response 63 | */ 64 | public function edit($id) 65 | { 66 | // 67 | } 68 | 69 | /** 70 | * Update the specified resource in storage. 71 | * 72 | * @param \Illuminate\Http\Request $request 73 | * @param int $id 74 | * @return \Illuminate\Http\Response 75 | */ 76 | public function update(Request $request, $id) 77 | { 78 | // 79 | } 80 | 81 | /** 82 | * Remove the specified resource from storage. 83 | * 84 | * @param int $id 85 | * @return \Illuminate\Http\Response 86 | */ 87 | public function destroy($id) 88 | { 89 | // 90 | } 91 | } 92 | -------------------------------------------------------------------------------- /tests/Feature/PasswordResetTest.php: -------------------------------------------------------------------------------- 1 | get('/forgot-password'); 18 | 19 | $response->assertStatus(200); 20 | } 21 | 22 | public function test_reset_password_link_can_be_requested() 23 | { 24 | Notification::fake(); 25 | 26 | $user = User::factory()->create(); 27 | 28 | $response = $this->post('/forgot-password', [ 29 | 'email' => $user->email, 30 | ]); 31 | 32 | Notification::assertSentTo($user, ResetPassword::class); 33 | } 34 | 35 | public function test_reset_password_screen_can_be_rendered() 36 | { 37 | Notification::fake(); 38 | 39 | $user = User::factory()->create(); 40 | 41 | $response = $this->post('/forgot-password', [ 42 | 'email' => $user->email, 43 | ]); 44 | 45 | Notification::assertSentTo($user, ResetPassword::class, function ($notification) { 46 | $response = $this->get('/reset-password/'.$notification->token); 47 | 48 | $response->assertStatus(200); 49 | 50 | return true; 51 | }); 52 | } 53 | 54 | public function test_password_can_be_reset_with_valid_token() 55 | { 56 | Notification::fake(); 57 | 58 | $user = User::factory()->create(); 59 | 60 | $response = $this->post('/forgot-password', [ 61 | 'email' => $user->email, 62 | ]); 63 | 64 | Notification::assertSentTo($user, ResetPassword::class, function ($notification) use ($user) { 65 | $response = $this->post('/reset-password', [ 66 | 'token' => $notification->token, 67 | 'email' => $user->email, 68 | 'password' => 'password', 69 | 'password_confirmation' => 'password', 70 | ]); 71 | 72 | $response->assertSessionHasNoErrors(); 73 | 74 | return true; 75 | }); 76 | } 77 | } 78 | -------------------------------------------------------------------------------- /config/jetstream.php: -------------------------------------------------------------------------------- 1 | 'inertia', 19 | 20 | /* 21 | |-------------------------------------------------------------------------- 22 | | Jetstream Route Middleware 23 | |-------------------------------------------------------------------------- 24 | | 25 | | Here you may specify which middleware Jetstream will assign to the routes 26 | | that it registers with the application. When necessary, you may modify 27 | | these middleware; however, this default value is usually sufficient. 28 | | 29 | */ 30 | 31 | 'middleware' => ['web'], 32 | 33 | /* 34 | |-------------------------------------------------------------------------- 35 | | Features 36 | |-------------------------------------------------------------------------- 37 | | 38 | | Some of Jetstream's features are optional. You may disable the features 39 | | by removing them from this array. You're free to only remove some of 40 | | these features or you can even remove all of these if you need to. 41 | | 42 | */ 43 | 44 | 'features' => [ 45 | // Features::termsAndPrivacyPolicy(), 46 | // Features::profilePhotos(), 47 | // Features::api(), 48 | // Features::teams(['invitations' => true]), 49 | Features::accountDeletion(), 50 | ], 51 | 52 | /* 53 | |-------------------------------------------------------------------------- 54 | | Profile Photo Disk 55 | |-------------------------------------------------------------------------- 56 | | 57 | | This configuration value determines the default disk that will be used 58 | | when storing profile photos for your application's users. Typically 59 | | this will be the "public" disk but you may adjust this if needed. 60 | | 61 | */ 62 | 63 | 'profile_photo_disk' => 'public', 64 | 65 | ]; 66 | -------------------------------------------------------------------------------- /resources/js/Layouts/AdminLayout.vue: -------------------------------------------------------------------------------- 1 | 42 | 71 | -------------------------------------------------------------------------------- /config/filesystems.php: -------------------------------------------------------------------------------- 1 | env('FILESYSTEM_DRIVER', 'local'), 17 | 18 | /* 19 | |-------------------------------------------------------------------------- 20 | | Filesystem Disks 21 | |-------------------------------------------------------------------------- 22 | | 23 | | Here you may configure as many filesystem "disks" as you wish, and you 24 | | may even configure multiple disks of the same driver. Defaults have 25 | | been setup for each driver as an example of the required options. 26 | | 27 | | Supported Drivers: "local", "ftp", "sftp", "s3" 28 | | 29 | */ 30 | 31 | 'disks' => [ 32 | 33 | 'local' => [ 34 | 'driver' => 'local', 35 | 'root' => storage_path('app'), 36 | ], 37 | 38 | 'public' => [ 39 | 'driver' => 'local', 40 | 'root' => storage_path('app/public'), 41 | 'url' => env('APP_URL').'/storage', 42 | 'visibility' => 'public', 43 | ], 44 | 45 | 's3' => [ 46 | 'driver' => 's3', 47 | 'key' => env('AWS_ACCESS_KEY_ID'), 48 | 'secret' => env('AWS_SECRET_ACCESS_KEY'), 49 | 'region' => env('AWS_DEFAULT_REGION'), 50 | 'bucket' => env('AWS_BUCKET'), 51 | 'url' => env('AWS_URL'), 52 | 'endpoint' => env('AWS_ENDPOINT'), 53 | ], 54 | 55 | ], 56 | 57 | /* 58 | |-------------------------------------------------------------------------- 59 | | Symbolic Links 60 | |-------------------------------------------------------------------------- 61 | | 62 | | Here you may configure the symbolic links that will be created when the 63 | | `storage:link` Artisan command is executed. The array keys should be 64 | | the locations of the links and the values should be their targets. 65 | | 66 | */ 67 | 68 | 'links' => [ 69 | public_path('storage') => storage_path('app/public'), 70 | ], 71 | 72 | ]; 73 | -------------------------------------------------------------------------------- /resources/sass/_custom.scss: -------------------------------------------------------------------------------- 1 | // Custom style... 2 | 3 | .antialiased { 4 | -webkit-font-smoothing: antialiased; 5 | -moz-osx-font-smoothing: grayscale; 6 | } 7 | 8 | .font-sans { 9 | font-family: Nunito, ui-sans-serif, system-ui, -apple-system, BlinkMacSystemFont, "Segoe UI", Roboto, "Helvetica Neue", Arial, "Noto Sans", sans-serif, "Apple Color Emoji", "Segoe UI Emoji", "Segoe UI Symbol", "Noto Color Emoji"; 10 | } 11 | 12 | /* 13 | * Dropdown Menu Animation for Bootstrap Navbar 14 | * https://startbootstrap.com/snippets/animated-navbar-dropdown 15 | */ 16 | 17 | // Change this breakpoint if you change the breakpoint of the navbar 18 | @media (min-width: 992px) { 19 | .animate { 20 | animation-duration: 0.3s; 21 | -webkit-animation-duration: 0.3s; 22 | animation-fill-mode: both; 23 | -webkit-animation-fill-mode: both; 24 | } 25 | } 26 | 27 | @keyframes slideIn { 28 | 0% { 29 | transform: translateY(1rem); 30 | opacity: 0; 31 | } 32 | 100% { 33 | transform:translateY(0rem); 34 | opacity: 1; 35 | } 36 | 0% { 37 | transform: translateY(1rem); 38 | opacity: 0; 39 | } 40 | } 41 | 42 | @-webkit-keyframes slideIn { 43 | 0% { 44 | -webkit-transform: transform; 45 | -webkit-opacity: 0; 46 | } 47 | 100% { 48 | -webkit-transform: translateY(0); 49 | -webkit-opacity: 1; 50 | } 51 | 0% { 52 | -webkit-transform: translateY(1rem); 53 | -webkit-opacity: 0; 54 | } 55 | } 56 | 57 | .slideIn { 58 | -webkit-animation-name: slideIn; 59 | animation-name: slideIn; 60 | } 61 | 62 | .bg-indigo { 63 | background-color: #6574cd !important; 64 | } 65 | 66 | .h-5 { 67 | height: 1.25rem !important; 68 | } 69 | 70 | .w-5 { 71 | height: 1.25rem !important; 72 | } 73 | 74 | .flex-1 { 75 | flex: 1 1 0%; 76 | } 77 | 78 | // Extra large devices (large desktops, 1200px and up) 79 | @media (min-width: 1200px) { 80 | .container { 81 | max-width: 1250px; 82 | } 83 | } 84 | 85 | .bg-light { 86 | background: #f3f4f6 !important; 87 | } 88 | 89 | .card { 90 | border-radius: 0.475rem; 91 | border: 0; 92 | } 93 | 94 | .card-footer { 95 | padding: 0.75rem 1.25rem; 96 | background-color: #f9fafb; 97 | border-top: 0; 98 | } 99 | 100 | .card-footer:last-child { 101 | border-radius: 0 0 0.475rem 0.475rem; 102 | } 103 | 104 | .dropdown-menu { 105 | width: 220px; 106 | } 107 | 108 | .small { 109 | font-size: .875rem !important; 110 | } 111 | -------------------------------------------------------------------------------- /resources/js/Pages/Auth/ResetPassword.vue: -------------------------------------------------------------------------------- 1 | 39 | 40 | 83 | -------------------------------------------------------------------------------- /public/js/app.js.LICENSE.txt: -------------------------------------------------------------------------------- 1 | /* NProgress, (c) 2013, 2014 Rico Sta. Cruz - http://ricostacruz.com/nprogress 2 | * @license MIT */ 3 | 4 | /*! 5 | * Bootstrap v4.6.0 (https://getbootstrap.com/) 6 | * Copyright 2011-2021 The Bootstrap Authors (https://github.com/twbs/bootstrap/graphs/contributors) 7 | * Licensed under MIT (https://github.com/twbs/bootstrap/blob/main/LICENSE) 8 | */ 9 | 10 | /*! 11 | * Sizzle CSS Selector Engine v2.3.6 12 | * https://sizzlejs.com/ 13 | * 14 | * Copyright JS Foundation and other contributors 15 | * Released under the MIT license 16 | * https://js.foundation/ 17 | * 18 | * Date: 2021-02-16 19 | */ 20 | 21 | /*! 22 | * jQuery JavaScript Library v3.6.0 23 | * https://jquery.com/ 24 | * 25 | * Includes Sizzle.js 26 | * https://sizzlejs.com/ 27 | * 28 | * Copyright OpenJS Foundation and other contributors 29 | * Released under the MIT license 30 | * https://jquery.org/license 31 | * 32 | * Date: 2021-03-02T17:08Z 33 | */ 34 | 35 | /** 36 | * @license 37 | * Lodash 38 | * Copyright OpenJS Foundation and other contributors 39 | * Released under MIT license 40 | * Based on Underscore.js 1.8.3 41 | * Copyright Jeremy Ashkenas, DocumentCloud and Investigative Reporters & Editors 42 | */ 43 | 44 | /**! 45 | * @fileOverview Kickass library to create and place poppers near their reference elements. 46 | * @version 1.16.1 47 | * @license 48 | * Copyright (c) 2016 Federico Zivolo and contributors 49 | * 50 | * Permission is hereby granted, free of charge, to any person obtaining a copy 51 | * of this software and associated documentation files (the "Software"), to deal 52 | * in the Software without restriction, including without limitation the rights 53 | * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 54 | * copies of the Software, and to permit persons to whom the Software is 55 | * furnished to do so, subject to the following conditions: 56 | * 57 | * The above copyright notice and this permission notice shall be included in all 58 | * copies or substantial portions of the Software. 59 | * 60 | * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 61 | * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 62 | * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 63 | * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 64 | * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 65 | * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 66 | * SOFTWARE. 67 | */ 68 | -------------------------------------------------------------------------------- /tests/Feature/EmailVerificationTest.php: -------------------------------------------------------------------------------- 1 | markTestSkipped('Email verification not enabled.'); 23 | } 24 | 25 | $user = User::factory()->withPersonalTeam()->create([ 26 | 'email_verified_at' => null, 27 | ]); 28 | 29 | $response = $this->actingAs($user)->get('/email/verify'); 30 | 31 | $response->assertStatus(200); 32 | } 33 | 34 | public function test_email_can_be_verified() 35 | { 36 | if (! Features::enabled(Features::emailVerification())) { 37 | return $this->markTestSkipped('Email verification not enabled.'); 38 | } 39 | 40 | Event::fake(); 41 | 42 | $user = User::factory()->create([ 43 | 'email_verified_at' => null, 44 | ]); 45 | 46 | $verificationUrl = URL::temporarySignedRoute( 47 | 'verification.verify', 48 | now()->addMinutes(60), 49 | ['id' => $user->id, 'hash' => sha1($user->email)] 50 | ); 51 | 52 | $response = $this->actingAs($user)->get($verificationUrl); 53 | 54 | Event::assertDispatched(Verified::class); 55 | 56 | $this->assertTrue($user->fresh()->hasVerifiedEmail()); 57 | $response->assertRedirect(RouteServiceProvider::HOME.'?verified=1'); 58 | } 59 | 60 | public function test_email_can_not_verified_with_invalid_hash() 61 | { 62 | if (! Features::enabled(Features::emailVerification())) { 63 | return $this->markTestSkipped('Email verification not enabled.'); 64 | } 65 | 66 | $user = User::factory()->create([ 67 | 'email_verified_at' => null, 68 | ]); 69 | 70 | $verificationUrl = URL::temporarySignedRoute( 71 | 'verification.verify', 72 | now()->addMinutes(60), 73 | ['id' => $user->id, 'hash' => sha1('wrong-email')] 74 | ); 75 | 76 | $this->actingAs($user)->get($verificationUrl); 77 | 78 | $this->assertFalse($user->fresh()->hasVerifiedEmail()); 79 | } 80 | } 81 | -------------------------------------------------------------------------------- /resources/js/Jetstream/Banner.vue: -------------------------------------------------------------------------------- 1 | 39 | 40 | 59 | -------------------------------------------------------------------------------- /app/Http/Kernel.php: -------------------------------------------------------------------------------- 1 | [ 33 | \App\Http\Middleware\EncryptCookies::class, 34 | \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class, 35 | \Illuminate\Session\Middleware\StartSession::class, 36 | \Laravel\Jetstream\Http\Middleware\AuthenticateSession::class, 37 | \Illuminate\View\Middleware\ShareErrorsFromSession::class, 38 | \App\Http\Middleware\VerifyCsrfToken::class, 39 | \Illuminate\Routing\Middleware\SubstituteBindings::class, 40 | \App\Http\Middleware\HandleInertiaRequests::class, 41 | ], 42 | 43 | 'api' => [ 44 | 'throttle:api', 45 | \Illuminate\Routing\Middleware\SubstituteBindings::class, 46 | ], 47 | ]; 48 | 49 | /** 50 | * The application's route middleware. 51 | * 52 | * These middleware may be assigned to groups or used individually. 53 | * 54 | * @var array 55 | */ 56 | protected $routeMiddleware = [ 57 | 'auth' => \App\Http\Middleware\Authenticate::class, 58 | 'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class, 59 | 'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class, 60 | 'can' => \Illuminate\Auth\Middleware\Authorize::class, 61 | 'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class, 62 | 'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class, 63 | 'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class, 64 | 'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class, 65 | 'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class, 66 | 'role' => \Spatie\Permission\Middlewares\RoleMiddleware::class, 67 | ]; 68 | } 69 | -------------------------------------------------------------------------------- /resources/js/Pages/Auth/Login.vue: -------------------------------------------------------------------------------- 1 | 51 | 52 | 101 | -------------------------------------------------------------------------------- /app/Http/Controllers/Admins/AdminController.php: -------------------------------------------------------------------------------- 1 | middleware(['role:super-admin|admin|moderator|developer']); 16 | } 17 | 18 | /** 19 | * Display a listing of the resource. 20 | * 21 | * @return \Illuminate\Http\Response 22 | */ 23 | public function index() { 24 | return Inertia::render('Admins/Admins/Index', [ 25 | 'admins' => User::where('is_admin', 1)->get(), 26 | 'roles' => Role::all() 27 | ]); 28 | } 29 | 30 | /** 31 | * Show the form for creating a new resource. 32 | * 33 | * @return \Illuminate\Http\Response 34 | */ 35 | public function create() 36 | { 37 | // 38 | } 39 | 40 | /** 41 | * Store a newly created resource in storage. 42 | * 43 | * @param \Illuminate\Http\Request $request 44 | * @return \Illuminate\Http\Response 45 | */ 46 | public function store(Request $request) 47 | { 48 | // 49 | } 50 | 51 | /** 52 | * Display the specified resource. 53 | * 54 | * @param \App\Models\User $user 55 | * @return \Illuminate\Http\Response 56 | */ 57 | public function show(User $user) 58 | { 59 | // 60 | } 61 | 62 | /** 63 | * Show the form for editing the specified resource. 64 | * 65 | * @param \App\Models\User $user 66 | * @return \Illuminate\Http\Response 67 | */ 68 | public function edit(User $user) 69 | { 70 | // 71 | } 72 | 73 | /** 74 | * Update the specified resource in storage. 75 | * 76 | * @param \Illuminate\Http\Request $request 77 | * @param \App\Models\User $user 78 | * @return \Illuminate\Http\Response 79 | */ 80 | public function update(Request $request, User $user) { 81 | if (auth()->user()->hasAnyRole(['super-admin', 'admin'])) { 82 | if (!$request->roles) { 83 | return back()->withErrors(['roles' => 'The role field is required']); 84 | } 85 | if ($request->roles['id'] != 5) { 86 | $adminRole = Role::where('id', $request->roles['id'])->first(); 87 | $user->syncRoles($adminRole); 88 | return back(); 89 | } else { 90 | $userRole = Role::where('id', 5)->first(); 91 | $user->update(['is_admin' => 0]); 92 | $user->syncRoles($userRole); 93 | return back(); 94 | } 95 | return back(); 96 | } 97 | return back(); 98 | } 99 | 100 | /** 101 | * Remove the specified resource from storage. 102 | * 103 | * @param \App\Models\User $user 104 | * @return \Illuminate\Http\Response 105 | */ 106 | public function destroy(User $user) 107 | { 108 | // 109 | } 110 | } 111 | -------------------------------------------------------------------------------- /app/Http/Controllers/Admins/PermissionController.php: -------------------------------------------------------------------------------- 1 | middleware(['role:super-admin|admin']); 14 | } 15 | 16 | /** 17 | * Display a listing of the resource. 18 | * 19 | * @return \Illuminate\Http\Response 20 | */ 21 | public function index() { 22 | return Inertia::render('Admins/Permissions/Index', [ 23 | 'permissions' => Permission::latest()->paginate(5) 24 | ]); 25 | } 26 | 27 | /** 28 | * Show the form for creating a new resource. 29 | * 30 | * @return \Illuminate\Http\Response 31 | */ 32 | public function create() 33 | { 34 | // 35 | } 36 | 37 | /** 38 | * Store a newly created resource in storage. 39 | * 40 | * @param \Illuminate\Http\Request $request 41 | * @return \Illuminate\Http\Response 42 | */ 43 | public function store(Request $request) { 44 | $this->validate($request, [ 45 | 'name' => ['required', 'max:25', 'unique:permissions'], 46 | 'description' => ['required', 'max:25'], 47 | ]); 48 | Permission::create([ 49 | 'name' => $request->name, 50 | 'description' => $request->description, 51 | 'guard_name' => 'web', 52 | ]); 53 | return back(); 54 | } 55 | 56 | /** 57 | * Display the specified resource. 58 | * 59 | * @param \App\Models\Permission $permission 60 | * @return \Illuminate\Http\Response 61 | */ 62 | public function show(Permission $permission) 63 | { 64 | // 65 | } 66 | 67 | /** 68 | * Show the form for editing the specified resource. 69 | * 70 | * @param \App\Models\Permission $permission 71 | * @return \Illuminate\Http\Response 72 | */ 73 | public function edit(Permission $permission) 74 | { 75 | // 76 | } 77 | 78 | /** 79 | * Update the specified resource in storage. 80 | * 81 | * @param \Illuminate\Http\Request $request 82 | * @param \App\Models\Permission $permission 83 | * @return \Illuminate\Http\Response 84 | */ 85 | public function update(Request $request, Permission $permission) { 86 | $this->validate($request, [ 87 | 'name' => ['required', 'max:25'], 88 | 'description' => ['required', 'max:25'], 89 | ]); 90 | $permission->update([ 91 | 'name' => $request->name, 92 | 'description' => $request->description, 93 | ]); 94 | return back(); 95 | } 96 | 97 | /** 98 | * Remove the specified resource from storage. 99 | * 100 | * @param \App\Models\Permission $permission 101 | * @return \Illuminate\Http\Response 102 | */ 103 | public function destroy(Permission $permission) { 104 | $permission->delete(); 105 | return back(); 106 | } 107 | } 108 | -------------------------------------------------------------------------------- /config/queue.php: -------------------------------------------------------------------------------- 1 | env('QUEUE_CONNECTION', 'sync'), 17 | 18 | /* 19 | |-------------------------------------------------------------------------- 20 | | Queue Connections 21 | |-------------------------------------------------------------------------- 22 | | 23 | | Here you may configure the connection information for each server that 24 | | is used by your application. A default configuration has been added 25 | | for each back-end shipped with Laravel. You are free to add more. 26 | | 27 | | Drivers: "sync", "database", "beanstalkd", "sqs", "redis", "null" 28 | | 29 | */ 30 | 31 | 'connections' => [ 32 | 33 | 'sync' => [ 34 | 'driver' => 'sync', 35 | ], 36 | 37 | 'database' => [ 38 | 'driver' => 'database', 39 | 'table' => 'jobs', 40 | 'queue' => 'default', 41 | 'retry_after' => 90, 42 | 'after_commit' => false, 43 | ], 44 | 45 | 'beanstalkd' => [ 46 | 'driver' => 'beanstalkd', 47 | 'host' => 'localhost', 48 | 'queue' => 'default', 49 | 'retry_after' => 90, 50 | 'block_for' => 0, 51 | 'after_commit' => false, 52 | ], 53 | 54 | 'sqs' => [ 55 | 'driver' => 'sqs', 56 | 'key' => env('AWS_ACCESS_KEY_ID'), 57 | 'secret' => env('AWS_SECRET_ACCESS_KEY'), 58 | 'prefix' => env('SQS_PREFIX', 'https://sqs.us-east-1.amazonaws.com/your-account-id'), 59 | 'queue' => env('SQS_QUEUE', 'default'), 60 | 'suffix' => env('SQS_SUFFIX'), 61 | 'region' => env('AWS_DEFAULT_REGION', 'us-east-1'), 62 | 'after_commit' => false, 63 | ], 64 | 65 | 'redis' => [ 66 | 'driver' => 'redis', 67 | 'connection' => 'default', 68 | 'queue' => env('REDIS_QUEUE', 'default'), 69 | 'retry_after' => 90, 70 | 'block_for' => null, 71 | 'after_commit' => false, 72 | ], 73 | 74 | ], 75 | 76 | /* 77 | |-------------------------------------------------------------------------- 78 | | Failed Queue Jobs 79 | |-------------------------------------------------------------------------- 80 | | 81 | | These options configure the behavior of failed queue job logging so you 82 | | can control which database and table are used to store the jobs that 83 | | have failed. You may change them to any database / table you wish. 84 | | 85 | */ 86 | 87 | 'failed' => [ 88 | 'driver' => env('QUEUE_FAILED_DRIVER', 'database-uuids'), 89 | 'database' => env('DB_CONNECTION', 'mysql'), 90 | 'table' => 'failed_jobs', 91 | ], 92 | 93 | ]; 94 | -------------------------------------------------------------------------------- /resources/js/Pages/Auth/TwoFactorChallenge.vue: -------------------------------------------------------------------------------- 1 | 51 | 52 | 101 | -------------------------------------------------------------------------------- /resources/js/Jetstream/ApplicationLogo.vue: -------------------------------------------------------------------------------- 1 | 8 | -------------------------------------------------------------------------------- /resources/js/Pages/Profile/UpdatePasswordForm.vue: -------------------------------------------------------------------------------- 1 | 47 | 48 | 98 | -------------------------------------------------------------------------------- /resources/js/Pages/Auth/Register.vue: -------------------------------------------------------------------------------- 1 | 57 | 58 | 99 | -------------------------------------------------------------------------------- /resources/js/Jetstream/ConfirmsPassword.vue: -------------------------------------------------------------------------------- 1 | 38 | 39 | 121 | -------------------------------------------------------------------------------- /config/logging.php: -------------------------------------------------------------------------------- 1 | env('LOG_CHANNEL', 'stack'), 21 | 22 | /* 23 | |-------------------------------------------------------------------------- 24 | | Log Channels 25 | |-------------------------------------------------------------------------- 26 | | 27 | | Here you may configure the log channels for your application. Out of 28 | | the box, Laravel uses the Monolog PHP logging library. This gives 29 | | you a variety of powerful log handlers / formatters to utilize. 30 | | 31 | | Available Drivers: "single", "daily", "slack", "syslog", 32 | | "errorlog", "monolog", 33 | | "custom", "stack" 34 | | 35 | */ 36 | 37 | 'channels' => [ 38 | 'stack' => [ 39 | 'driver' => 'stack', 40 | 'channels' => ['single'], 41 | 'ignore_exceptions' => false, 42 | ], 43 | 44 | 'single' => [ 45 | 'driver' => 'single', 46 | 'path' => storage_path('logs/laravel.log'), 47 | 'level' => env('LOG_LEVEL', 'debug'), 48 | ], 49 | 50 | 'daily' => [ 51 | 'driver' => 'daily', 52 | 'path' => storage_path('logs/laravel.log'), 53 | 'level' => env('LOG_LEVEL', 'debug'), 54 | 'days' => 14, 55 | ], 56 | 57 | 'slack' => [ 58 | 'driver' => 'slack', 59 | 'url' => env('LOG_SLACK_WEBHOOK_URL'), 60 | 'username' => 'Laravel Log', 61 | 'emoji' => ':boom:', 62 | 'level' => env('LOG_LEVEL', 'critical'), 63 | ], 64 | 65 | 'papertrail' => [ 66 | 'driver' => 'monolog', 67 | 'level' => env('LOG_LEVEL', 'debug'), 68 | 'handler' => SyslogUdpHandler::class, 69 | 'handler_with' => [ 70 | 'host' => env('PAPERTRAIL_URL'), 71 | 'port' => env('PAPERTRAIL_PORT'), 72 | ], 73 | ], 74 | 75 | 'stderr' => [ 76 | 'driver' => 'monolog', 77 | 'level' => env('LOG_LEVEL', 'debug'), 78 | 'handler' => StreamHandler::class, 79 | 'formatter' => env('LOG_STDERR_FORMATTER'), 80 | 'with' => [ 81 | 'stream' => 'php://stderr', 82 | ], 83 | ], 84 | 85 | 'syslog' => [ 86 | 'driver' => 'syslog', 87 | 'level' => env('LOG_LEVEL', 'debug'), 88 | ], 89 | 90 | 'errorlog' => [ 91 | 'driver' => 'errorlog', 92 | 'level' => env('LOG_LEVEL', 'debug'), 93 | ], 94 | 95 | 'null' => [ 96 | 'driver' => 'monolog', 97 | 'handler' => NullHandler::class, 98 | ], 99 | 100 | 'emergency' => [ 101 | 'path' => storage_path('logs/laravel.log'), 102 | ], 103 | ], 104 | 105 | ]; 106 | -------------------------------------------------------------------------------- /resources/js/Pages/Profile/DeleteUserForm.vue: -------------------------------------------------------------------------------- 1 | 55 | 56 | 110 | -------------------------------------------------------------------------------- /config/cache.php: -------------------------------------------------------------------------------- 1 | env('CACHE_DRIVER', 'file'), 19 | 20 | /* 21 | |-------------------------------------------------------------------------- 22 | | Cache Stores 23 | |-------------------------------------------------------------------------- 24 | | 25 | | Here you may define all of the cache "stores" for your application as 26 | | well as their drivers. You may even define multiple stores for the 27 | | same cache driver to group types of items stored in your caches. 28 | | 29 | | Supported drivers: "apc", "array", "database", "file", 30 | | "memcached", "redis", "dynamodb", "null" 31 | | 32 | */ 33 | 34 | 'stores' => [ 35 | 36 | 'apc' => [ 37 | 'driver' => 'apc', 38 | ], 39 | 40 | 'array' => [ 41 | 'driver' => 'array', 42 | 'serialize' => false, 43 | ], 44 | 45 | 'database' => [ 46 | 'driver' => 'database', 47 | 'table' => 'cache', 48 | 'connection' => null, 49 | 'lock_connection' => null, 50 | ], 51 | 52 | 'file' => [ 53 | 'driver' => 'file', 54 | 'path' => storage_path('framework/cache/data'), 55 | ], 56 | 57 | 'memcached' => [ 58 | 'driver' => 'memcached', 59 | 'persistent_id' => env('MEMCACHED_PERSISTENT_ID'), 60 | 'sasl' => [ 61 | env('MEMCACHED_USERNAME'), 62 | env('MEMCACHED_PASSWORD'), 63 | ], 64 | 'options' => [ 65 | // Memcached::OPT_CONNECT_TIMEOUT => 2000, 66 | ], 67 | 'servers' => [ 68 | [ 69 | 'host' => env('MEMCACHED_HOST', '127.0.0.1'), 70 | 'port' => env('MEMCACHED_PORT', 11211), 71 | 'weight' => 100, 72 | ], 73 | ], 74 | ], 75 | 76 | 'redis' => [ 77 | 'driver' => 'redis', 78 | 'connection' => 'cache', 79 | 'lock_connection' => 'default', 80 | ], 81 | 82 | 'dynamodb' => [ 83 | 'driver' => 'dynamodb', 84 | 'key' => env('AWS_ACCESS_KEY_ID'), 85 | 'secret' => env('AWS_SECRET_ACCESS_KEY'), 86 | 'region' => env('AWS_DEFAULT_REGION', 'us-east-1'), 87 | 'table' => env('DYNAMODB_CACHE_TABLE', 'cache'), 88 | 'endpoint' => env('DYNAMODB_ENDPOINT'), 89 | ], 90 | 91 | ], 92 | 93 | /* 94 | |-------------------------------------------------------------------------- 95 | | Cache Key Prefix 96 | |-------------------------------------------------------------------------- 97 | | 98 | | When utilizing a RAM based store such as APC or Memcached, there might 99 | | be other applications utilizing the same cache. So, we'll specify a 100 | | value to get prefixed to all our keys so we can avoid collisions. 101 | | 102 | */ 103 | 104 | 'prefix' => env('CACHE_PREFIX', Str::slug(env('APP_NAME', 'laravel'), '_').'_cache'), 105 | 106 | ]; 107 | -------------------------------------------------------------------------------- /app/Http/Controllers/Admins/RoleController.php: -------------------------------------------------------------------------------- 1 | middleware(['role:super-admin|admin|moderator']); 15 | } 16 | 17 | /** 18 | * Display a listing of the resource. 19 | * 20 | * @return \Illuminate\Http\Response 21 | */ 22 | public function index() { 23 | return Inertia::render('Admins/Roles/Index', [ 24 | 'roles' => Role::with('permissions')->paginate(5), 25 | 'permissions' => Permission::all(), 26 | ]); 27 | } 28 | 29 | /** 30 | * Show the form for creating a new resource. 31 | * 32 | * @return \Illuminate\Http\Response 33 | */ 34 | public function create() 35 | { 36 | // 37 | } 38 | 39 | /** 40 | * Store a newly created resource in storage. 41 | * 42 | * @param \Illuminate\Http\Request $request 43 | * @return \Illuminate\Http\Response 44 | */ 45 | public function store(Request $request) { 46 | if (auth()->user()->hasAnyRole(['super-admin', 'admin'])) { 47 | $this->validate($request, [ 48 | 'name' => ['required', 'max:25', 'unique:roles'], 49 | 'permissions' => 'required' 50 | ]); 51 | $role = Role::create([ 52 | 'name' => $request->name, 53 | 'guard_name' => 'web', 54 | ]); 55 | if ($request->has('permissions')) { 56 | $role->givePermissionTo(collect($request->permissions)->pluck('id')->toArray()); 57 | } 58 | return back(); 59 | } 60 | return back(); 61 | } 62 | 63 | /** 64 | * Display the specified resource. 65 | * 66 | * @param \App\Models\Role $role 67 | * @return \Illuminate\Http\Response 68 | */ 69 | public function show(Role $role) 70 | { 71 | // 72 | } 73 | 74 | /** 75 | * Show the form for editing the specified resource. 76 | * 77 | * @param \App\Models\Role $role 78 | * @return \Illuminate\Http\Response 79 | */ 80 | public function edit(Role $role) 81 | { 82 | // 83 | } 84 | 85 | /** 86 | * Update the specified resource in storage. 87 | * 88 | * @param \Illuminate\Http\Request $request 89 | * @param \App\Models\Role $role 90 | * @return \Illuminate\Http\Response 91 | */ 92 | public function update(Request $request, Role $role) { 93 | if (auth()->user()->hasAnyRole(['super-admin', 'admin'])) { 94 | $this->validate($request, [ 95 | 'name' => ['required', 'max:25'], 96 | 'permissions' => 'required' 97 | ]); 98 | if ($request->has('permissions')) { 99 | $role->givePermissionTo(collect($request->permissions)->pluck('id')->toArray()); 100 | } 101 | $role->syncPermissions(collect($request->permissions)->pluck('id')->toArray()); 102 | $role->update(['name' => $request->name]); 103 | return back(); 104 | } 105 | return back(); 106 | } 107 | 108 | /** 109 | * Remove the specified resource from storage. 110 | * 111 | * @param \App\Models\Role $role 112 | * @return \Illuminate\Http\Response 113 | */ 114 | public function destroy(Role $role) { 115 | if (auth()->user()->hasAnyRole(['super-admin', 'admin'])) { 116 | $role->delete(); 117 | return back(); 118 | } 119 | return back(); 120 | } 121 | } 122 | -------------------------------------------------------------------------------- /config/mail.php: -------------------------------------------------------------------------------- 1 | env('MAIL_MAILER', 'smtp'), 17 | 18 | /* 19 | |-------------------------------------------------------------------------- 20 | | Mailer Configurations 21 | |-------------------------------------------------------------------------- 22 | | 23 | | Here you may configure all of the mailers used by your application plus 24 | | their respective settings. Several examples have been configured for 25 | | you and you are free to add your own as your application requires. 26 | | 27 | | Laravel supports a variety of mail "transport" drivers to be used while 28 | | sending an e-mail. You will specify which one you are using for your 29 | | mailers below. You are free to add additional mailers as required. 30 | | 31 | | Supported: "smtp", "sendmail", "mailgun", "ses", 32 | | "postmark", "log", "array" 33 | | 34 | */ 35 | 36 | 'mailers' => [ 37 | 'smtp' => [ 38 | 'transport' => 'smtp', 39 | 'host' => env('MAIL_HOST', 'smtp.mailgun.org'), 40 | 'port' => env('MAIL_PORT', 587), 41 | 'encryption' => env('MAIL_ENCRYPTION', 'tls'), 42 | 'username' => env('MAIL_USERNAME'), 43 | 'password' => env('MAIL_PASSWORD'), 44 | 'timeout' => null, 45 | 'auth_mode' => null, 46 | ], 47 | 48 | 'ses' => [ 49 | 'transport' => 'ses', 50 | ], 51 | 52 | 'mailgun' => [ 53 | 'transport' => 'mailgun', 54 | ], 55 | 56 | 'postmark' => [ 57 | 'transport' => 'postmark', 58 | ], 59 | 60 | 'sendmail' => [ 61 | 'transport' => 'sendmail', 62 | 'path' => '/usr/sbin/sendmail -bs', 63 | ], 64 | 65 | 'log' => [ 66 | 'transport' => 'log', 67 | 'channel' => env('MAIL_LOG_CHANNEL'), 68 | ], 69 | 70 | 'array' => [ 71 | 'transport' => 'array', 72 | ], 73 | ], 74 | 75 | /* 76 | |-------------------------------------------------------------------------- 77 | | Global "From" Address 78 | |-------------------------------------------------------------------------- 79 | | 80 | | You may wish for all e-mails sent by your application to be sent from 81 | | the same address. Here, you may specify a name and address that is 82 | | used globally for all e-mails that are sent by your application. 83 | | 84 | */ 85 | 86 | 'from' => [ 87 | 'address' => env('MAIL_FROM_ADDRESS', 'hello@example.com'), 88 | 'name' => env('MAIL_FROM_NAME', 'Example'), 89 | ], 90 | 91 | /* 92 | |-------------------------------------------------------------------------- 93 | | Markdown Mail Settings 94 | |-------------------------------------------------------------------------- 95 | | 96 | | If you are using Markdown based email rendering, you may configure your 97 | | theme and component paths here, allowing you to customize the design 98 | | of the emails. Or, you may simply stick with the Laravel defaults! 99 | | 100 | */ 101 | 102 | 'markdown' => [ 103 | 'theme' => 'default', 104 | 105 | 'paths' => [ 106 | resource_path('views/vendor/mail'), 107 | ], 108 | ], 109 | 110 | ]; 111 | -------------------------------------------------------------------------------- /config/auth.php: -------------------------------------------------------------------------------- 1 | [ 17 | 'guard' => 'web', 18 | 'passwords' => 'users', 19 | ], 20 | 21 | /* 22 | |-------------------------------------------------------------------------- 23 | | Authentication Guards 24 | |-------------------------------------------------------------------------- 25 | | 26 | | Next, you may define every authentication guard for your application. 27 | | Of course, a great default configuration has been defined for you 28 | | here which uses session storage and the Eloquent user provider. 29 | | 30 | | All authentication drivers have a user provider. This defines how the 31 | | users are actually retrieved out of your database or other storage 32 | | mechanisms used by this application to persist your user's data. 33 | | 34 | | Supported: "session", "token" 35 | | 36 | */ 37 | 38 | 'guards' => [ 39 | 'web' => [ 40 | 'driver' => 'session', 41 | 'provider' => 'users', 42 | ], 43 | 44 | 'api' => [ 45 | 'driver' => 'token', 46 | 'provider' => 'users', 47 | 'hash' => false, 48 | ], 49 | ], 50 | 51 | /* 52 | |-------------------------------------------------------------------------- 53 | | User Providers 54 | |-------------------------------------------------------------------------- 55 | | 56 | | All authentication drivers have a user provider. This defines how the 57 | | users are actually retrieved out of your database or other storage 58 | | mechanisms used by this application to persist your user's data. 59 | | 60 | | If you have multiple user tables or models you may configure multiple 61 | | sources which represent each model / table. These sources may then 62 | | be assigned to any extra authentication guards you have defined. 63 | | 64 | | Supported: "database", "eloquent" 65 | | 66 | */ 67 | 68 | 'providers' => [ 69 | 'users' => [ 70 | 'driver' => 'eloquent', 71 | 'model' => App\Models\User::class, 72 | ], 73 | 74 | // 'users' => [ 75 | // 'driver' => 'database', 76 | // 'table' => 'users', 77 | // ], 78 | ], 79 | 80 | /* 81 | |-------------------------------------------------------------------------- 82 | | Resetting Passwords 83 | |-------------------------------------------------------------------------- 84 | | 85 | | You may specify multiple password reset configurations if you have more 86 | | than one user table or model in the application and you want to have 87 | | separate password reset settings based on the specific user types. 88 | | 89 | | The expire time is the number of minutes that the reset token should be 90 | | considered valid. This security feature keeps tokens short-lived so 91 | | they have less time to be guessed. You may change this as needed. 92 | | 93 | */ 94 | 95 | 'passwords' => [ 96 | 'users' => [ 97 | 'provider' => 'users', 98 | 'table' => 'password_resets', 99 | 'expire' => 60, 100 | 'throttle' => 60, 101 | ], 102 | ], 103 | 104 | /* 105 | |-------------------------------------------------------------------------- 106 | | Password Confirmation Timeout 107 | |-------------------------------------------------------------------------- 108 | | 109 | | Here you may define the amount of seconds before a password confirmation 110 | | times out and the user is prompted to re-enter their password via the 111 | | confirmation screen. By default, the timeout lasts for three hours. 112 | | 113 | */ 114 | 115 | 'password_timeout' => 10800, 116 | 117 | ]; 118 | -------------------------------------------------------------------------------- /app/Http/Controllers/Admins/UserController.php: -------------------------------------------------------------------------------- 1 | middleware(['role:super-admin|admin|moderator']); 16 | } 17 | 18 | /** 19 | * Display a listing of the resource. 20 | * 21 | * @return \Illuminate\Http\Response 22 | */ 23 | public function index() { 24 | return Inertia::render('Admins/Users/Index', [ 25 | 'users' => User::where('is_admin', 0)->latest()->paginate(5), 26 | 'roles' => Role::all() 27 | ]); 28 | } 29 | 30 | /** 31 | * Show the form for creating a new resource. 32 | * 33 | * @return \Illuminate\Http\Response 34 | */ 35 | public function create() 36 | { 37 | // 38 | } 39 | 40 | /** 41 | * Store a newly created resource in storage. 42 | * 43 | * @param \Illuminate\Http\Request $request 44 | * @return \Illuminate\Http\Response 45 | */ 46 | public function store(Request $request) { 47 | if (auth()->user()->hasAnyRole(['super-admin', 'admin'])) { 48 | $this->validate($request, [ 49 | 'name' => ['required', 'max:50'], 50 | 'email' => ['required', 'string', 'email', 'max:50', 'unique:users'], 51 | ]); 52 | $user = User::create([ 53 | 'name' => $request->name, 54 | 'email' => $request->email, 55 | 'is_admin' => 0, 56 | 'password' => Hash::make('password') 57 | ]); 58 | $role = Role::where('id', 5)->first(); 59 | $user->syncRoles($role); 60 | return back(); 61 | } 62 | return back(); 63 | } 64 | 65 | /** 66 | * Display the specified resource. 67 | * 68 | * @param \App\Models\User $user 69 | * @return \Illuminate\Http\Response 70 | */ 71 | public function show(User $user) 72 | { 73 | // 74 | } 75 | 76 | /** 77 | * Show the form for editing the specified resource. 78 | * 79 | * @param \App\Models\User $user 80 | * @return \Illuminate\Http\Response 81 | */ 82 | public function edit(User $user) 83 | { 84 | // 85 | } 86 | 87 | /** 88 | * Update the specified resource in storage. 89 | * 90 | * @param \Illuminate\Http\Request $request 91 | * @param \App\Models\User $user 92 | * @return \Illuminate\Http\Response 93 | */ 94 | public function update(Request $request, User $user) { 95 | if (auth()->user()->hasAnyRole(['super-admin', 'admin'])) { 96 | $this->validate($request, [ 97 | 'name' => ['required', 'max:50'], 98 | 'email' => ['required', 'string', 'email', 'max:50'], 99 | ]); 100 | if ($request->roles[0] === null) { 101 | return back()->withErrors(['roles' => 'The role field is required']); 102 | } 103 | if ($request->roles[0]['id'] != 5) { 104 | $adminRole = Role::where('id', $request->roles[0]['id'])->first(); 105 | $user->update([ 106 | 'name' => $request->name, 107 | 'email' => $request->email, 108 | 'is_admin' => 1, 109 | ]); 110 | $user->syncRoles($adminRole); 111 | return back(); 112 | } else { 113 | $user->update([ 114 | 'name' => $request->name, 115 | 'email' => $request->email, 116 | ]); 117 | } 118 | return back(); 119 | } 120 | return back(); 121 | } 122 | 123 | /** 124 | * Remove the specified resource from storage. 125 | * 126 | * @param \App\Models\User $user 127 | * @return \Illuminate\Http\Response 128 | */ 129 | public function destroy(User $user) { 130 | if (auth()->user()->hasAnyRole(['super-admin', 'admin'])) { 131 | $user->delete(); 132 | return back(); 133 | } 134 | return back(); 135 | } 136 | } 137 | -------------------------------------------------------------------------------- /resources/js/Pages/Profile/UpdateProfileInformationForm.vue: -------------------------------------------------------------------------------- 1 | 72 | 73 | 143 | -------------------------------------------------------------------------------- /database/migrations/2021_05_19_015833_create_permission_tables.php: -------------------------------------------------------------------------------- 1 | bigIncrements('id'); 25 | $table->string('name')->default('N/A'); // For MySQL 8.0 use string('name', 125); 26 | $table->string('description')->nullable(); 27 | $table->string('guard_name'); // For MySQL 8.0 use string('guard_name', 125); 28 | $table->timestamps(); 29 | 30 | $table->unique(['name', 'guard_name']); 31 | }); 32 | 33 | Schema::create($tableNames['roles'], function (Blueprint $table) { 34 | $table->bigIncrements('id'); 35 | $table->string('name'); // For MySQL 8.0 use string('name', 125); 36 | $table->string('guard_name'); // For MySQL 8.0 use string('guard_name', 125); 37 | $table->timestamps(); 38 | 39 | $table->unique(['name', 'guard_name']); 40 | }); 41 | 42 | Schema::create($tableNames['model_has_permissions'], function (Blueprint $table) use ($tableNames, $columnNames) { 43 | $table->unsignedBigInteger('permission_id'); 44 | 45 | $table->string('model_type'); 46 | $table->unsignedBigInteger($columnNames['model_morph_key']); 47 | $table->index([$columnNames['model_morph_key'], 'model_type'], 'model_has_permissions_model_id_model_type_index'); 48 | 49 | $table->foreign('permission_id') 50 | ->references('id') 51 | ->on($tableNames['permissions']) 52 | ->onDelete('cascade'); 53 | 54 | $table->primary(['permission_id', $columnNames['model_morph_key'], 'model_type'], 55 | 'model_has_permissions_permission_model_type_primary'); 56 | }); 57 | 58 | Schema::create($tableNames['model_has_roles'], function (Blueprint $table) use ($tableNames, $columnNames) { 59 | $table->unsignedBigInteger('role_id'); 60 | 61 | $table->string('model_type'); 62 | $table->unsignedBigInteger($columnNames['model_morph_key']); 63 | $table->index([$columnNames['model_morph_key'], 'model_type'], 'model_has_roles_model_id_model_type_index'); 64 | 65 | $table->foreign('role_id') 66 | ->references('id') 67 | ->on($tableNames['roles']) 68 | ->onDelete('cascade'); 69 | 70 | $table->primary(['role_id', $columnNames['model_morph_key'], 'model_type'], 71 | 'model_has_roles_role_model_type_primary'); 72 | }); 73 | 74 | Schema::create($tableNames['role_has_permissions'], function (Blueprint $table) use ($tableNames) { 75 | $table->unsignedBigInteger('permission_id'); 76 | $table->unsignedBigInteger('role_id'); 77 | 78 | $table->foreign('permission_id') 79 | ->references('id') 80 | ->on($tableNames['permissions']) 81 | ->onDelete('cascade'); 82 | 83 | $table->foreign('role_id') 84 | ->references('id') 85 | ->on($tableNames['roles']) 86 | ->onDelete('cascade'); 87 | 88 | $table->primary(['permission_id', 'role_id'], 'role_has_permissions_permission_id_role_id_primary'); 89 | }); 90 | 91 | app('cache') 92 | ->store(config('permission.cache.store') != 'default' ? config('permission.cache.store') : null) 93 | ->forget(config('permission.cache.key')); 94 | } 95 | 96 | /** 97 | * Reverse the migrations. 98 | * 99 | * @return void 100 | */ 101 | public function down() 102 | { 103 | $tableNames = config('permission.table_names'); 104 | 105 | if (empty($tableNames)) { 106 | throw new \Exception('Error: config/permission.php not found and defaults could not be merged. Please publish the package configuration before proceeding, or drop the tables manually.'); 107 | } 108 | 109 | Schema::drop($tableNames['role_has_permissions']); 110 | Schema::drop($tableNames['model_has_roles']); 111 | Schema::drop($tableNames['model_has_permissions']); 112 | Schema::drop($tableNames['roles']); 113 | Schema::drop($tableNames['permissions']); 114 | } 115 | } 116 | --------------------------------------------------------------------------------