The Laravel Boilerplate Project - https://laravel-boilerplate.com - For Slack access, visit:

Anthony Rappa

Last update: Jan 7, 2023

Related tags

Laravel php boilerplate laravel skeleton laravel-boilerplate starter-project

Overview

Laravel Boilerplate (Current: Laravel 8.*) (Demo)

Demo Credentials

Admin: [email protected]
Password: secret

User: [email protected]
Password: secret

Official Documentation

Click here for the official documentation

Slack Channel

Please join us in our Slack channel to get faster responses to your questions. Get your invite here: https://laravel-5-boilerplate.herokuapp.com

Introduction

Laravel Boilerplate provides you with a massive head start on any size web application. Out of the box it has features like a backend built on CoreUI with Spatie/Permission authorization. It has a frontend scaffold built on Bootstrap 4. Other features such as Two Factor Authentication, User/Role management, searchable/sortable tables built on my Laravel Livewire tables plugin, user impersonation, timezone support, multi-lingual support with 20+ built in languages, demo mode, and much more.

Issues

If you come across any issues please report them here.

Contributing

Thank you for considering contributing to the Laravel Boilerplate project! Please feel free to make any pull requests, or e-mail me a feature request you would like to see in the future to Anthony Rappa at [email protected].

Security Vulnerabilities

If you discover a security vulnerability within this boilerplate, please send an e-mail to Anthony Rappa at [email protected], or create a pull request if possible. All security vulnerabilities will be promptly addressed.

License

MIT: http://anthony.mit-license.org

Comments

Question regarding 5.2

Need a general consensus on whether you think I should start over with a fresh copy of 5.2, and rebuild the boilerplate from scratch over the Laravel 5.2 features. There are many features Laravel has by default, especially with the authentication, that I built custom, and I know many people prefer native features. It evolves so fast I just don't know a good quick way to start over with afresh copy since there are custom files everywhere.

Just looking for feedback.
question

opened by rappasoft 65
Current Status

I've obviously have had trouble finding time to work on this project, which sucks because I really enjoy this project.

My plan is to scrap v3 for now, and take all the work i've done and implement it in v2.

I'll probably make a legacy branch like I did for 5.1, because I plan on removing the CRUD screens for permission management, since there is no real world use for it, and instead just use a seed file for managing that.

I recently used the access part for a different project and it works well without it, theres never a need to update permission names on the go since they are hard coded into the backed code. Users/Roles management will remain the same.

I also had a lot of bug fixes in v3 I found, which i'll implement.

I believe I will need this boilerplate for a new project of my own soon, so I will have time to work on it in preparation for that.

Stay tuned and thanks for the ongoing support!
Work In Progress

opened by rappasoft 38
Laravel 5.1.11

: | - they decided to put Authorizable in there. so now it has permission based things. You should check it out. (It's optional to install though)

http://laravel.com/docs/5.1/authorization

opened by Teranode 30
Authentication problem

I have setup this many project using boilerplate. but in some project: In local system authentication is smoothly running without any problem but while uploading same file to server and if we try to login it always redirect to login page. can you tell me why is this happening? i am very much thinking about it

opened by arikazukito 28
LB 7.0

There's a reason it seems I haven't been maintaining this project recently:

I decided to start over with the most up to date Laravel version a couple months ago, and do my best to rewrite the entire application.

I am about 70% along, I have removed features that are just fluff, I am trying to extract others out to packages along the way (see rappasoft/lockout) and just overall try to make it less opinionated.

Also, against my better judgement I also added Socialite back in.

There's no code you can look at yet, as I have it all locally in git.

Here are some screenshots.
Work In Progress

opened by rappasoft 27
Locale on Carbon and date formats

Hello I don't know if the Carbon date for humans should works with current locale.... Is it a problem on my installation ? setlocale(LC_TIME, 'fr_FR');

opened by error500 27
Dynamic rules/validation

/** * Get the validation rules that apply to the request. * * @return array */ public function rules() { return [ 'projectdate' => 'required|min:3', 'machinetype' => 'required|min:3', 'customer' => 'required|min:3', ]; } Depending on project type i need to validate different inputs.

I need to handle these dynamicly, is there a way for that or do i have to do this in EloquentProjectRepository?

opened by digitalit 22
php artisan db:seed error

[Illuminate\Database\QueryException] SQLSTATE[42000]: Syntax error or access violation: 1064 You have an error i n your SQL syntax; check the manual that corresponds to your MySQL server v ersion for the right syntax to use near 'CASCADE' at line 1 (SQL: TRUNCATE TABLE users CASCADE)

opened by odyright 22
Dont get socialite to work

Hi again!

I created my google-app, got all my credentials that i entered to the suggested .env variables. my GOOGLE_REDIREC=http://subdomain.mysite.com/auth/login/google

I have pushed my stuff up to the real server that was registered at google.

So i tried to create a new app and keys, i applied them on the .env on the server

And the FIRST time when i click "Login with Google" i get this error: InvalidStateException in AbstractProvider.php line 161: And then i go back, refresh and click the same link i get this error: ClientException in RequestException.php line 89: Client error response [url] https://www.googleapis.com/plus/v1/people/me?prettyPrint=false [status code] 403 [reason phrase] Forbidden

Is there anything else I need to do? Cause i do not get any further after that error. I pulled the repo after your latest commit where you stated the Socialite to be fixed. I have done your new migrations and all that jazz.

Hope we can figure this out as well!

opened by blomdahldaniel 21
Laravel 5.8
So far this is what's queued up for the Laravel 5.8 Boilerplate Release:

[x] Upgrade to Laravel 5.8

[x] Upgrade to phpunit 8.0

[x] Upgrade to phpunit-results-printer 0.26.1

[x] Upgrade to log viewer 4.7

[x] Upgrade to nocaptcha 9.*

[x] Upgrade to socialite 4.1

[x] Upgrade to spatie/permission to 2.36

[x] Upgrade to Laravel Dump Server 1.2

[x] Upgrade to debugbar 3.2

[x] Upgrade to ide-helper 2.6

[x] Upgrade password validation rule to fix ca-cert.json issue

[x] Upgrade SweetAlert

[x] Update to Laravel commit: 4997f08105d6fb941b1ed2c749ebd2f55fba5a74

[x] Remove BladeServiceProvider and register in the boot method of AppServiceProvider as per 5.8 docs

[x] Use assertStringContainsString instead of assertContains to make all current tests pass

[x] Laravel 5.8 uses bigIncrements as default for the users table so the foreign keys had to be converted to bigIntegers

[x] Remove webpatser/laravel-uuid and convert UUID functions to Laravel 5.8’s built in UUID package from Ramsey

[x] Remove unneeded laravel-blade directives package

[x] Set resource root in webpack

[x] Remove withInput parameter in GeneralException since it is covered by the dontReport property of the parent class

[x] Don’t report GeneralException errors

[x] Add new ReportableException class to throw when you want it to be logged, one of the two can be extended to add new exceptions that you either do or do not want logged. Both still redirect with the flash message.

[x] Replace recaptcha with invisible recaptcha

[x] Added optional captcha to contact form

[x] Updated single login to use features with AuthenticateMiddleware to work with every driver as well as logout users on other devices

[x] Remove Session model because it’s only good for one driver and the user can create it if they need it

[x] Include redis by default

[x] Add laravel auditing to certain models, UI is up to person creating the project

[x] Change Clear Session button to be driver agnostic, sets a flag that triggers part of the web middleware to force the user to log out

[x] Remove boilerplate html from CoreUI

[x] Fix: Socially logged in users get assigned the default role

[x] Load helpers with service provider instead of composer which allows better organization, give all existing helper files a Helper postfix

[x] Use casts property on User model and refactor

Let me know if there's anymore requests over the next couple days while I tidy things up.
enhancement conversation
opened by rappasoft 20
Socialite Integration

Would it be possible to add socialite to this project? It seems to me to be unclear as to how you are actually supposed to implement socialite within a project. Normally I'd fork a project for something so simple, but I myself have no idea how to do it.

opened by freddyheppell 20
Bump json5 from 1.0.1 to 1.0.2
Bumps json5 from 1.0.1 to 1.0.2.

Release notes

Sourced from json5's releases.

v1.0.2

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295). This has been backported to v1. (#298)

Changelog

Sourced from json5's changelog.

Unreleased [code, diff]

v2.2.3 [code, diff]

Fix: [email protected] is now the 'latest' release according to npm instead of v1.0.2. (#299)

v2.2.2 [code, diff]

Fix: Properties with the name __proto__ are added to objects and arrays. (#199) This also fixes a prototype pollution vulnerability reported by Jonathan Gregson! (#295).

v2.2.1 [code, diff]

Fix: Removed dependence on minimist to patch CVE-2021-44906. (#266)

v2.2.0 [code, diff]

New: Accurate and documented TypeScript declarations are now included. There is no need to install @types/json5. (#236, #244)

v2.1.3 [code, diff]

Fix: An out of memory bug when parsing numbers has been fixed. (#228, #229)

v2.1.2 [code, diff]

... (truncated)

Commits

a62db1e 1.0.2

e0c23fe docs: update CHANGELOG for v1.0.2

62a6540 fix: add proto to objects and arrays

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies javascript
opened by dependabot[bot] 0
Resolve #1589 : Deactivated user can login by requesting password reset
Resolve #1589 : Deactivated user can login by requesting password reset.

Added new conditional in redirectPath function for ResetPasswordController, which redirects user based on their active status

Developed one new test in ResetPasswordTest File, For testing inactive users redirection after successful reset password attempt.
opened by im-denny 0
Bump express from 4.17.2 to 4.18.2
Bumps express from 4.17.2 to 4.18.2.

Release notes

Sourced from express's releases.

4.18.2

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object clone

deps: [email protected]

4.18.1

Fix hanging on large stack of sync routes

4.18.0

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

Invoke default with same arguments as types in res.format

Support proper 205 responses using res.send

Use http-errors for res.format error

deps: [email protected]

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

Add priority option

Fix expires option to reject invalid dates

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

Remove set content headers that break response

deps: [email protected]

deps: [email protected]

deps: [email protected]

Prevent loss of async hooks context

deps: [email protected]

deps: [email protected]

Fix emitted 416 error missing headers property

Limit the headers removed for 304 response

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

... (truncated)

Changelog

Sourced from express's changelog.

4.18.2 / 2022-10-08

Fix regression routing a large stack in a single route

deps: [email protected]

deps: [email protected]

perf: remove unnecessary object clone

deps: [email protected]

4.18.1 / 2022-04-29

Fix hanging on large stack of sync routes

4.18.0 / 2022-04-25

Add "root" option to res.download

Allow options without filename in res.download

Deprecate string and non-integer arguments to res.status

Fix behavior of null/undefined as maxAge in res.cookie

Fix handling very large stacks of sync middleware

Ignore Object.prototype values in settings through app.set/app.get

Invoke default with same arguments as types in res.format

Support proper 205 responses using res.send

Use http-errors for res.format error

deps: [email protected]

Fix error message for json parse whitespace in strict

Fix internal error when inflated body exceeds limit

Prevent loss of async hooks context

Prevent hanging when request already read

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

deps: [email protected]

Add priority option

Fix expires option to reject invalid dates

deps: [email protected]

Replace internal eval usage with Function constructor

Use instance methods on process to check for listeners

deps: [email protected]

Remove set content headers that break response

deps: [email protected]

deps: [email protected]

deps: [email protected]

Prevent loss of async hooks context

deps: [email protected]

deps: [email protected]

... (truncated)

Commits

8368dc1 4.18.2

61f4049 docs: replace Freenode with Libera Chat

bb7907b build: [email protected]

f56ce73 build: [email protected]

24b3dc5 deps: [email protected]

689d175 deps: [email protected]

340be0f build: [email protected]

33e8dc3 docs: use Node.js name style

644f646 build: [email protected]

ecd7572 build: [email protected]

Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

dependencies javascript
opened by dependabot[bot] 0
Bump decode-uri-component from 0.2.0 to 0.2.2
Bumps decode-uri-component from 0.2.0 to 0.2.2.

Release notes

Sourced from decode-uri-component's releases.

v0.2.2

Prevent overwriting previously decoded tokens 980e0bf

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.1...v0.2.2

v0.2.1

Switch to GitHub workflows 76abc93

Fix issue where decode throws - fixes #6 746ca5d

Update license (#1) 486d7e2

Tidelift tasks a650457

Meta tweaks 66e1c28

https://github.com/SamVerschueren/decode-uri-component/compare/v0.2.0...v0.2.1

Commits

a0eea46 0.2.2

980e0bf Prevent overwriting previously decoded tokens

3c8a373 0.2.1

76abc93 Switch to GitHub workflows

746ca5d Fix issue where decode throws - fixes #6

486d7e2 Update license (#1)

a650457 Tidelift tasks

66e1c28 Meta tweaks

See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

@dependabot rebase will rebase this PR

@dependabot recreate will recreate this PR, overwriting any edits that have been made to it

@dependabot merge will merge this PR after your CI passes on it

@dependabot squash and merge will squash and merge this PR after your CI passes on it

@dependabot cancel merge will cancel a previously requested merge and block automerging

@dependabot reopen will reopen this PR if it is closed

@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually

@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)

@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot use these labels will set the current labels as the default for future PRs for this repo and language

@dependabot use these reviewers will set the current reviewers as the default for future PRs for this repo and language

@dependabot use these assignees will set the current assignees as the default for future PRs for this repo and language

@dependabot use this milestone will set the current milestone as the default for future PRs for this repo and language

You can disable automated security fix PRs for this repo from the Security Alerts page.

wontfix dependencies javascript
opened by dependabot[bot] 1
Deactivated user can login by requesting password reset
Steps on clean laravel-boileplate v8.3.1 install:

Admin deactivates a user

Deactivated user can't login now, but can click 'Forgot your password?' link

Deactivated user then resets password using email link sent, and after changing password is automatically logged in

Pretty sure this is not meant to happen, as if this user then logs out again, once again they can't login as 'deactivated'
opened by redactuk 8
support laravel9?
Before you create an issue make sure that:

Your issue is strictly related to the boilerplate itself. Questions about Laravel in general belongs to the laravel or laracasts forums.

You have read the documentation thoroughly.

You have searched for a similar issue among all the former issues (even closed ones).

You have tried to replicate the issue with a clean install of the project.

Be explicit

Try to be as explicit as you can when you ask anything.
wontfix
opened by jinhuaxiao 10

Releases(v8.3.1)

v8.3.1(Jan 17, 2022)

Updated dependencies
Source code(tar.gz)
Source code(zip)
v8.3.0(Sep 22, 2021)
Changed

Updated composer/yarn lock files

Updated to Laravel commit: 4f8a0f35fabd8603fb756122bf820719a259ac9b

Source code(tar.gz)
Source code(zip)
v8.2.2(Jul 11, 2021)
Changed

Dependency updates

Update to Laravel commit: c636fd0f678008caf30683833b740fb6f31d9de6

Source code(tar.gz)
Source code(zip)
v8.2.1(May 31, 2021)
Added

Vietnamese (vi) language

Changed

Updated composer and yarn dependencies

Updated TR translations

Updated to Laravel commit: 131a10260e73e83e6b1cd63788b8f6584dd3e98a

Source code(tar.gz)
Source code(zip)
v8.2.0(Apr 23, 2021)
Added

User search scope

Role Scope class

Korean (ko) language pack (https://github.com/rappasoft/laravel-boilerplate/pull/1521)

Changed

Updated lock files

Updated all tables to laravel-livewire-tables 1.x

Updated to Laravel commit: a6ffdbdf416d60c38443725807a260a84dca5045

Removed

codedungeon/phpunit-result-printer, should use composer test for parallel testing.

Source code(tar.gz)
Source code(zip)
v8.1.0(Apr 5, 2021)
Added

Parallel testing

Changed

Updated locks

Update to Laravel commit: 5808129a1f702f973c7c31203d16db2066bd9030

Upgraded to Laraguard 3.0

Source code(tar.gz)
Source code(zip)
v8.0.3(Feb 20, 2021)
Added

Added pt_PT language

Added RO language

Added missing cors middleware

Changed

Updated composer

Updated yarn

Update to Laravel commit: f0de9fd9967d4e1b4427d8458bf8983bc2cde201

Upgrade to Laravel Mix 6

Fixed 2fa/admin issue (https://github.com/rappasoft/laravel-boilerplate/pull/1488)

Update pt_BR language

Updated failed_jobs table (https://github.com/rappasoft/laravel-boilerplate/pull/1503, https://github.com/rappasoft/laravel-boilerplate/issues/1501)

Removed

Google Analytics tag and config since it's done differently since that was added

Source code(tar.gz)
Source code(zip)
v8.0.1(Dec 13, 2020)
Changed

Update dependencies

Update to laravel commit: ddb26fbc504cd64fb1b89511773aa8d03c758c6d

Added sail docker file

Update FA language

Add 'main' branch to workflow

Source code(tar.gz)
Source code(zip)
v8.0.0(Oct 21, 2020)
Added

Added back roave/security-advisories

Added new database factories

Added Polish languages

Added BladeServiceProvider with @captcha directive

Added Captcha rule

Added Captcha configs to boilerplate configs

Changed

Update livewire tables to 0.3

Updated users/roles table to use new tables

Moved livewire components into Frontend/Backend and updated calls

Removed type partial and just merged into table format

Update PHP to 7.3

Update Guzzle to v7

Update Laravel to v8

Update Socialite to v5

Update Laravel UI to v3

Update Lockout to v3

Update Breadcrumbs to v2

Update PHP Pretty Printer to v0.29

Update Ignition to v2.3.6

Update Collision to v5

Condense .env.example

Updated tests to use new factories

Updated seeders and factories to be namespaced

Follow Laravel upgrade guide for v8 and change all the needed files

Update to Laravel commit: 8d3ca07c4cff6d36593625ee4b34e19ce2dba15b

Update CS/FR/IN languages

Sort locale dropdown by language not array key

Modified login/register controllers to use new Captcha rule

Removed

Remove recaptcha

Source code(tar.gz)
Source code(zip)
v7.2.5(Aug 8, 2020)
Changed

Min Livewire to 1.3

Update Italian Translations

Update Indonesia Translations

Update Hebrew Translations

Make tests compatible with any locale

Make backend sidebar logs link a dropdown

Source code(tar.gz)
Source code(zip)
v7.2.4(Jul 29, 2020)
Added

Added GitAds to README, putting here for transparency.

Ported over validation for default language files from 6.x BP

Added Czech language files

Changed

Changed default gravatar to be more generic.

Use Laravel bootable traits with UUID trait.

Source code(tar.gz)
Source code(zip)
v7.2.3(Jul 27, 2020)
Changed

Update Laravel, proxy, and mockery min versions

Source code(tar.gz)
Source code(zip)
v7.2.2(Jul 27, 2020)

Force updates to the Laravel security patch
Source code(tar.gz)
Source code(zip)
v7.2.1(Jul 27, 2020)

Laravel Security Patch: https://blog.laravel.com/security-release-laravel-61827-7220
Source code(tar.gz)
Source code(zip)
v7.2.0(Jul 26, 2020)
Added

Added gravatar to frontend navbar

Added breadcrumbs on the frontend on pages that it would benefit on. Added a config item to be able to turn it off. If there are no breadcrumbs for a page the bar won't show.

Added SuperAdminCheck, AdminCheck and UserCheck middleware

Added scopes for user types

Added GET form component

Added back ARCANEDEV/LogViewer

Add container to all frontend views

Publish laravel error pages

Changed

Update to Laravel commit: 791c87a80d1c5eebd75e1bf499f86899d6b2b26f

Change alpine.js @click and @change methods to use x-on/x-change to not interfere with Vue

Default old request for user edit page

Wrapped backend breadcrumbs in conditional so if there are no breadcrumbs for that page the just don't show.

Allow UserTypeCheck to accept multiple types

Full width frontend messages partial

Prefix all admin permissions with admin. and refactor.

Italian language updates

Removed

Removed an un-needed redirect from LoginController

Remove container from frontend master view

Source code(tar.gz)
Source code(zip)
v7.1.1(Jul 12, 2020)
Added

Added method and scope to get users by type

Added headerActions to frontend card component

Changed

Be explicit when showing type labels in the backend

Moved frontend user routes to own file

Change default password expiration days to 180

Change default 'change email' status to true

Source code(tar.gz)
Source code(zip)
v7.1.0(Jul 7, 2020)
This release completely changes the way the previous authentication system worked. I probably went through 5 different iterations of a multi auth/guard architecture, but it became too messy and there are too many variables when dealing with different user tables and multiple different sessions. The solution I came up with I think serves the same purpose without the complexities. There is a new type column on the users table that is a predefined list of user types that your system supports, and a middleware to lock parts down to different types. The roles and permissions also have a corresponding type column to organize what roles and permissions are available to what user types, and the backend will only let you choose from the correct ones. For example: Any user of type admin can access the admin area, but they cannot do anything without a corresponding role or permission to a given section. This will let you structure your applications better if the use multiple different user types that have access to different areas, without using different guards, all with one users table and one login form.

Added

Add user type check middleware

User accounts no longer require roles

The roles and permissions a user can have are now constrained by their type

Change isAdmin to hasAllAccess, because isAdmin now repurposed to check type

Update UserService to reflect type, no longer assign default role to users

Delete view backend permission as all users of admin type can view the backend.

Add type column to user/role tables

Update the global gate to check hasAllAccess instead of isAdmin, since now an admin may not have all access

Remove redirect and default user role from boilerplate config

Update factories and seeders

When creating a user from the backend, a new type dropdown is available, and will show the correct roles/permissions for that type to be able to choose from and validate on the backend

Update all old instances of isAdmin to hasAllAccess, and use new isAdmin where applicable

Frontend user dashboard now limited to user type

When creating/editing a role, only the permissions related to the type will be available to choose from

Add spatie/activitylog

Add events for roles and users

Add role event subscriber

Boolean for whether or not 2FA is required for admin

Added Terms & Conditions checkbox with validation to registration

Added dummy Terms & Conditions page

Added UUID trait back if needed

Added ability to only allow users to be assigned roles from the backend and not additional permissions

Changed

Change password histories to be polymorphic

Make alert banners shorter vertically

Refactor system to use user types to define who can view certain areas, then use roles and permissions from there to narrow down further.

Update all tests

Require 2FA to be enabled to access admin

Change 2FA restricted redirect to enable 2FA page

Automatically load roles and permissions for users and permissions for role models

Move user event namespace

Move HomeController out of auth domain

Change account tabs from vertical to normal because they respond better

Removed

Removed accountant package

Source code(tar.gz)
Source code(zip)
v7.0.3(Jul 2, 2020)
Changed

Updated breadcrumbs to be more readable

Update link utility to allow slot

Add note for Gate::after in AuthServiceProvider if wanted

Change title bar delimiter from - to |

Update yarn and composer

Source code(tar.gz)
Source code(zip)
v7.0.2(Jun 30, 2020)
Changed

Revert UserRoleSeeder change

Source code(tar.gz)
Source code(zip)
v7.0.1(Jun 30, 2020)
Added

Missing captcha functionality for login/register

Changed

Seed second role in production not just testing

Removed

Duplicate user tests

Terser in mix file

Source code(tar.gz)
Source code(zip)
v7.0.0(Jun 27, 2020)

Started from scratch with a blank Laravel 7.* installation. This release is not an upgrade, and for that reason it is impossible to document all the changes that occurred. This version should be used for new projects.
Source code(tar.gz)
Source code(zip)
v6.0.5(Jun 26, 2020)
Changed

Namespace fix

Update jquery version

Chinese language updates

Source code(tar.gz)
Source code(zip)
v6.0.4(Apr 9, 2020)
Changed

Fixed typo in translation file

Dependency updates

Source code(tar.gz)
Source code(zip)
v6.0.1(Oct 22, 2019)
Added

Added facade/ignition-code-editor to be able to edit files right from ignition screens

Added facade/ignition-self-diagnosis to for useful checklist of things that could get fixed when encountering an error

Added facade/ignition-tinker-tab which adds a tinker tab in ignition which uses laravel tinker behind the scenes to be able to use tinker right from error screens

Changed

Update to Laravel Commit 953b488b8bb681d4d6e12227645c7c1b7ac26935 (Without password confirmation stuff)

Fix socialite bug (https://github.com/rappasoft/laravel-boilerplate/issues/1284)

Source code(tar.gz)
Source code(zip)
v6.0.0(Sep 9, 2019)
Added

Added captcha to login request

Added server variable that denotes whether or not the application is currently running tests, false by default but enabled by phpunit.xml

Added security headers middleware with everything disabled by default

Added Mail globals to .env.example

Added Email validation to contact form

Added the https://github.com/404labfr/laravel-impersonate package to replace my home grown impersonate feature with much stronger functionality

Changed

Upgrade to Laravel 6.0

Update to laravel commit: 31394de4d736c171d40bb03d50313c60b0e4af38

Enabled debugbar models

Converted “Demo Mode” to “Read Only Mode” to be more generic

Update package versions

.env.example Laravel version

Hide sidebar ‘System’ label unless admin

Added blade include snippets instead of attributes on the model, if they returned any sort of html

Don’t preinstall predis or force redis as any driver

Condense language dropdown padding

Refactor socialite buttons to php includes

Add array of paths that can not be accessed as GET requests in read only mode

Update base repository and refactor anything that broke

Removed

Removed unused avatar images from CoreUI

Removed dashboard as parent breadcrumb for certain sections

Removed unused key in app.php

Removed default string length of 191 because everyone should be above MySQL 5.7.7 at this point.

Removed all html being returned from attribute classes in favor of blade include snippets

Removed laravel dump server, laravel tinker, laravel self-diagnosis from default install

Removed backend.php config file and just put comment in layout file

Removed unused helper file

Removed letrunghieu/active for homegrown one since I’m not waiting for them to update to laravel 6.0

Removed owen-it/laravel-auditing until it supports Laravel 6.0

Source code(tar.gz)
Source code(zip)
v5.3.8(Aug 21, 2019)
Added

Added Azerbaijan language (https://github.com/rappasoft/laravel-boilerplate/pull/1254)

Added NIST Password Rules (https://github.com/rappasoft/laravel-boilerplate/pull/1258)

Changed

Assign all permissions to the Admin role without the need to explicitly assign the roles/permissions to the user. (https://github.com/rappasoft/laravel-boilerplate/pull/1227)

Removed

Removed default Google scopes (https://github.com/rappasoft/laravel-boilerplate/pull/1253/files)

Removed ChangePassword rule as the new NIST rules cover it

Source code(tar.gz)
Source code(zip)
v5.3.7(Aug 21, 2019)
Added

Actual changelog

Changed

Repository name since 6.0 is about to release

Upgrade to laravel commit bb433725483803a27f21d3b21317072610bc3e9c

Source code(tar.gz)
Source code(zip)