Let professionals install TastyIgniter for you! Learn more

  Documentation
  Help Center
  Premium Support
  Support Services
  Contact
WARNING: While TastyIgniter v4 introduces several improvements, some extensions are not yet fully compatible with this version. If you rely on community or marketplace extensions, it is recommended to proceed with caution. For full compatibility, consider using TastyIgniter v3 instead. You can also monitor extension updates on the TastyIgniter Marketplace for v4 support.
Select A Version
Latest (v4.x) v3.x

User

You can install the extension via composer using the following command:

composer require tastyigniter/ti-ext-user -W

Run the database migrations to create the required tables:

php artisan igniter:up

You can configure the registration settings in the admin area. Navigate to the Manage > Settings > Customer registration admin settings page. Here you can enable/disable customer registration, and where to send registration emails to the customer email and/or location email.

To manage customers, navigate to the Customers admin page. Here you can view a list of all registered customers, search for customers, view customer details, and manage customer accounts.

To manage staff members, navigate to the Manage > Staff members admin page. Here you can view a list of all registered staff members, search for staff members, view staff member details, and manage staff member accounts.

This section covers how to integrate the User extension API into your own extension if you need to authenticate customers, register customers, create staff members, reset passwords, impersonate users, and manage permissions. The User extension provides a simple API for managing users and their authentication.

To authenticate a customer, you can use the \Igniter\User\Actions\LoginCustomer action class. The action class accepts an array of credentials and a boolean value to indicate if the user should be remembered.

This class mirrors the authentication process used by the default login form. It also dispatches two key events — igniter.user.beforeAuthenticate and igniter.user.login — which can be used to hook into the login process for custom behavior or integrations.

use Igniter\User\Actions\LoginCustomer;

$credentials = [
    'email' => '[email protected]',
    'password' => 'password',
];

$loginCustomer = new LoginCustomer($credentials, $remember);

$loginCustomer->handle();

The \Igniter\User\Facades\Auth::check method can be used to check if a user is authenticated.

use Igniter\User\Facades\Auth;

if (Auth::check()) {
    // The user is authenticated
}

The \Igniter\User\Facades\Auth::logout method can be used to log out a user.

use Igniter\User\Facades\Auth;

Auth::logout();

To authenticate a staff member, you can use the \Igniter\User\Facades\AdminAuth class. The attempt method accepts an array of credentials and a boolean value to indicate if the user should be remembered.

use Igniter\User\Facades\AdminAuth;

$credentials = [
    'email' => '[email protected]',
    'password' => 'password',
];

AdminAuth::attempt($credentials, $remember);

The AdminAuth::check method can be used to check if a staff member is authenticated.

if (AdminAuth::check()) {
    // The staff member is authenticated
}

The AdminAuth::logout method can be used to log out a staff member.

AdminAuth::logout();

To register a customer, you can use the \Igniter\User\Actions\CustomerRegister action class. The action class handle method accepts an array of customer data and a boolean value to indicate if the customer should be activated, you may ignore the second parameter to use the default customer group approval settings. The method returns the created customer Igniter\User\Models\Customer model.

This class mirrors the registration process used by the default registration form. It also dispatches two key events — igniter.user.beforeRegister and igniter.user.register — which can be used to hook into the registration process for custom behavior or integrations.

use Igniter\User\Actions\CustomerRegister;

$customerData = [
    'first_name' => 'John',
    'last_name' => 'Doe',
    'email' => '[email protected]',
    'password' => 'password',
];

$registerCustomer = new CustomerRegister();
$customer = $registerCustomer->handle($customerData);

if ($customer->is_activated) {
    // Registration successful
    $customer->mailSendRegistered(['account_login_link' => page_url('account.login')]);
} else {
    // Registration requires email verification
    $customer->mailSendEmailVerification([
        'account_activation_link' => page_url('account.register').'?code='.$customer->getActivationCode(),
    ]);
}

The CustomerRegister action class also provides methods to activate the customer account using the activation code. This is useful when the customer clicks on the email verification link.

use Igniter\User\Actions\CustomerRegister;

$registerCustomer = new CustomerRegister();
$customer = $registerCustomer->activate($code);

$customer->sendRegisteredMail(['account_login_link' => page_url('account.login')]);

To create a staff member, you can use the \Igniter\User\Auth\UserProvider::register method. The register method accepts an array of staff member data and a boolean value to indicate if the staff member should be activated. The method returns the created staff member model.

use Igniter\User\Facades\AdminAuth;

$staffData = [
    'name' => 'John Doe',
    'username' => 'johndoe',
    'email' => '[email protected]',
    'password' => 'password',
];

AdminAuth::getProvider()->register($staffData);

To reset a customer's password, you can use the resetPassword method on the \Igniter\User\Models\Customer model. The method returns the reset password code.

use Igniter\User\Models\Customer;

$customer = Customer::where('email', '[email protected]')->first();
$resetCode = $customer->resetPassword();

Using the mailSendResetPasswordRequest method, you can send a password reset email to the customer.

$customer->mailSendResetPasswordRequest([
    'reset_link' => page_url('account.reset', ['code' => $resetCode]),
]);

To complete the password reset process, you can use the completeResetPassword method on the \Igniter\User\Models\Customer model. The method accepts the reset password code and the new password.

$customer = Customer::where('email', '[email protected]')->first();
$customer->completeResetPassword($resetCode, 'new-password');

Using the mailSendResetPassword method, you can send a password changed email to the customer.

$customer->mailSendResetPassword([
    'account_login_link' => page_url('account.login'),
]);

To reset a staff member's password, you can use the resetPassword method on the \Igniter\User\Models\User model. The method returns the reset password code.

use Igniter\User\Models\User;

$user = User::where('email', '[email protected]')->first();
$resetCode = $user->resetPassword();

Using the mailSendResetPasswordRequest method, you can send a password reset email to the staff member.

$user->mailSendResetPasswordRequest([
    'reset_link' => admin_url('login', ['code' => $resetCode]),
]);

To complete the password reset process, you can use the completeResetPassword method on the \Igniter\User\Models\User model. The method accepts the reset password code and the new password.

$user = User::where('email', '[email protected]')->first();
$user->completeResetPassword($resetCode, 'new-password');

Using the mailSendResetPassword method, you can send a password changed email to the staff member.

$user->mailSendResetPassword([
    'login_link' => admin_url('login'),
]);

You can also reset a staff member's password using the igniter:passwd Artisan command. The command accepts the staff's email address and the new password.

php artisan igniter:passwd '[email protected]' 'password'

To impersonate a customer, you can use the impersonate method on the \Igniter\User\Facades\Auth facade. The method accepts the customer model.

use Igniter\User\Facades\Auth;
use Igniter\User\Models\Customer;

$customer = Customer::find(1);
Auth::impersonate($customer);

Using the stopImpersonate method, you can stop impersonating the customer.

Auth::stopImpersonate();

To impersonate a staff member, you can use the impersonate method on the \Igniter\User\Facades\AdminAuth facade. The method accepts the staff member model.

use Igniter\User\Facades\AdminAuth;
use Igniter\User\Models\User;

$user = User::find(1);
AdminAuth::impersonate($user);

Using the stopImpersonate method, you can stop impersonating the staff member.

AdminAuth::stopImpersonate();

To authorise access to admin pages, you can use the hasPermission method on the \Igniter\User\Models\User model. The method accepts the permission code.

use Igniter\User\Models\User;

$user = User::find(1);
if ($user->hasPermission('Admin.Orders')) {
    // User has permission to access the admin orders page
}

You can also use the hasAnyPermission method to check if a user has any of the specified permissions.

if ($user->hasAnyPermission(['Admin.Orders', 'Admin.Reservations'])) {
    // User has permission to access the admin orders or reservations page
}

Use the requiredPermissions property on admin controller classes to specify the permissions required to access the controller actions.

class Orders extends \Admin\Classes\AdminController
{
    public $requiredPermissions = ['Admin.Orders'];
}

When setting up automation rules through the Admin Panel, you can use the following events registered by this extension:

An automation event class used to capture the igniter.user.register system event when a customer registers. The event class is also used to prepare the customer parameters for automation rules. The following parameters are available:

  • customer: The customer Igniter\User\Models\Customer model instance.
  • data: The customer registration form data as an array.

When setting up automation rules through the Admin Panel, you can use the following automation conditions registered by this extension:

A condition class used to check if an customer attribute match the specified value or rule. The following attributes are available:

  • first_name: The customer's first name.
  • last_name: The customer's last name.
  • telephone: The customer's telephone number.
  • email: The customer's email address.

The User extension registers the following mail templates:

  • igniter.user::mail.registration - Registration mail sent to customers.
  • igniter.user::mail.registration_alert - Registration alert mail sent to staff members.
  • igniter.user::mail.activation - Email verification mail sent to customers.
  • igniter.user::mail.invite - Invitation mail sent to staff members.
  • igniter.user::mail.invite_customer - Invitation mail sent to customers.
  • igniter.user::mail.password_reset - Password reset mail sent to customers.
  • igniter.user::mail.password_reset_request - Password reset request mail sent to customers.
  • igniter.user::mail.admin_password_reset_request - Password reset request mail sent to staff members.
  • igniter.user::mail.admin_password_reset - Password reset mail sent to staff members.

The User extension registers the following permissions:

  • Admin.Customers - Control who can manage customers in the admin area.
  • Admin.CustomerGroups - Control who can manage customer groups in the admin area.
  • Admin.DeleteCustomers - Control who can delete customers in the admin area.
  • Admin.ImpersonateCustomers - Control who can impersonate customers in the admin area.
  • Admin.Staffs - Control who can manage staff members in the admin area.
  • Admin.StaffGroups - Control who can manage staff groups in the admin area.
  • Admin.DeleteStaffs - Control who can delete staff members in the admin area.
  • Admin.Impersonate - Control who can impersonate staff members in the admin area.

For more on restricting access to the admin area, see the TastyIgniter Permissions documentation.

This extension will fire some global events that can be useful for interacting with other extensions.

Event Description Parameters
igniter.user.beforeAuthenticate Before the user is attempting to authenticate [ $component, $credentials ]
igniter.user.login The user has logged in successfully [ $component ]
igniter.user.beforeRegister Before the user is attempting to register [ &$postData ]
igniter.user.register The user has registered successfully [ $customer, $postData ]
igniter.user.logout The user has logged out successfully [ $customer ]

Here is an example of hooking an event in the boot method of an extension class:

Event::listen('igniter.user.logout', function($customer) {
    // ...
});
Did this answer your question?
See a mistake? Edit this page
Help Center

Read our extensive documentation and tutorials.

Community Forums

Get support from other members of the TastyIgniter community.

Developer chat on Discord

Chat live with other developers on the official TastyIgniter Discord.

Twitter

Follow the TastyIgniter Twitter account for news and updates.

Continue