PHPackages esanj/managers - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. esanj/managers ActiveLibrary[Authentication & Authorization](/categories/authentication) esanj/managers ============== The Manager package is responsible for handling OAuth2-based authentication and managing admin-level permissions. v0.3.9(3mo ago)0932MITPHPPHP ^8.2|^8.3|^8.4 Since Jul 9Pushed 2mo agoCompare [ Source](https://github.com/eSanjDev/ms-package-managers)[ Packagist](https://packagist.org/packages/esanj/managers)[ RSS](/packages/esanj-managers/feed)WikiDiscussions main Synced 1mo ago READMEChangelogDependencies (3)Versions (25)Used By (2) 🧩 Esanj Manager Package ======================= [](#-esanj-manager-package) A microservice‑friendly Laravel 12 package providing a secure and configurable Manager panel with OAuth bridge authentication, and granular permission control. --- 🧠 Overview ---------- [](#-overview) `esanj/managers` integrates a **Manager** system into microservice ecosystems built around Laravel ≥ 12. It delegates **OAuth** login to the *Accounting Bridge Service*, issues **static and expirable access tokens**, and provides clean interfaces to manage users, roles, and permissions. Features: - ✅ Manager roles & permissions stored in DB - ✅ Token‑based API & web authentication - ✅ Rate‑limit, caching, and configurable route prefixes - ✅ Commands to install, migrate, and import permissions - ✅ SOLID, Clean Code, and security‑focused baseline --- ⚙️ Installation --------------- [](#️-installation) Install via Composer: ``` composer require esanj/managers ``` Run the installer: ``` php artisan manager:install ``` This will: 1. Publish assets/config via `vendor:publish` (tag `esanj-manager-assets`), 2. Optionally run `php artisan migrate`, 3. Import default permissions with `manager:permissions-import`, 4. Ensure necessary `.env` keys exist (see below). --- 🔐 Environment Variables ----------------------- [](#-environmentvariables) The installer (`InstallCommand.php`) ensures each of these keys exists in `.env`: KeyPurpose`ACCOUNTING_BRIDGE_CLIENT_ID`OAuth client ID for Accounting Bridge.`ACCOUNTING_BRIDGE_CLIENT_SECRET`OAuth secret.`ACCOUNTING_BRIDGE_BASE_URL`URL of the Accounting Bridge server.`ACCOUNTING_BRIDGE_SUCCESS_REDIRECT`Redirect after OAuth success.`MANAGER_SUCCESS_REDIRECT`Redirect in your app after login success.`MANAGER_ACCESS_DENIED_REDIRECT`Redirect when user lacks permission.`MANAGER_PANEL_ROUTE_PREFIX`Prefix for manager web routes (default: `admin`).`MANAGER_API_ROUTE_PREFIX`Prefix for manager API routes (default: `api`).--- ⚙️ Configuration File --------------------- [](#️-configurationfile) `src/config/manager.php` (published to `config/esanj/manager.php`) defines: ### 🔩 Behavioral options [](#behavioral-options) ``` 'access_token_expires_in' => 1440, // 24 h 'just_api' => env('MANAGER_JUST_API', false), ``` ### 🔒 Middlewares [](#middlewares) ``` 'middlewares' => [ 'api' => ['manager.auth:api'], 'web' => ['manager.auth:web'], ], ``` ### 🚦 Rate Limit and Cache [](#ratelimit-andcache) ``` 'rate_limit' => [ 'max_attempts' => 10, 'decay_seconds' => 600, ], 'cache' => [ 'driver' => 'file', 'ttl' => 60 * 24 * 7 ], ``` ### 🎯 Default Permissions [](#defaultpermissions) ``` "permissions" => [ 'managers.edit' => [ 'display_name' => 'Edit Managers' ], 'managers.list' => [ 'display_name' => 'List Managers' ], 'managers.create' => [ 'display_name' => 'Create Manager' ], 'managers.delete' => [ 'display_name' => 'Delete Managers' ], ], ``` These are imported into the database using the `manager:permissions-import` command. --- 🧰 Artisan Commands ------------------ [](#-artisancommands) CommandDescriptionKey Details**`manager:install`**Publishes assets, validates `.env`, runs migrations, imports permissions.Uses `ensureEnvKeys()` to safely append keys.**`manager:create`**Creates new manager with static token.Generates 32‑char random token (`Str::random(32)`); asks for Esanj ID.**`manager:permissions-import`**Reads `config('esanj.manager.permissions')`, updates DB.Uses `Permission::updateOrCreate`.All command outputs are colorized and return appropriate exit codes. --- 🔐 Authentication & API Flow ------------------------------- [](#-authenticationapiflow) ### 1️⃣ Redirect to OAuth [](#1️⃣redirecttooauth) ``` GET /{prefix}/redirect ``` → returns redirect URL for Accounting Bridge login. ### 2️⃣ Callback & Session Token [](#2️⃣callbacksessiontoken) After successful OAuth, the Bridge redirects back; the session stores: ``` auth_bridge.access_token ``` ### 3️⃣ Token Verification [](#3️⃣tokenverification) ``` GET /{prefix}/verify?code={auth_bridge.access_token} ``` Response indicates whether a static token is required (`requires_token` flag). ### 4️⃣ Exchange for Manager Access‑Token [](#4️⃣exchangeformanageraccesstoken) ``` POST /{prefix}/authenticate ``` Body: ``` { "code": "{auth_bridge.access_token}", "token": "{optional-static-token}" } ``` Returns manager‑API token respecting `access_token_expires_in` from config. ### 5️⃣ API Usage [](#5️⃣apiusage) Use header: ``` Authorization: Bearer {access_token} ``` All endpoints are located within the prefix defined in your config (`config('manager.routes.api_prefix')`, default:`/api`)+`/admin/managers` and are guarded by `auth.api` middleware (Bearer token required). MethodURIDescription / Behavior**GET**`/api/admin/managers`Retrieve paginated list of all managers (active + optional trashed).**POST**`/api/admin/managers`Create a new manager record (name, email, role, token).**GET**`/api/admin/managers/{manager}`Get details of a specific manager including permissions and meta.**PUT**`/api/admin/managers/{manager}`Update manager’s profile, email, status, or permissions. Automatically syncs permissions.**DELETE**`/api/admin/managers/{manager}`Soft‑delete a manager record.**POST**`/api/admin/managers/{id}/restore`Restore a previously soft‑deleted manager. Returns 404 if not found.**GET**`/api/admin/managers/{manager}/meta/{key}`Retrieve a single meta key for given manager. Returns 404 if not set.**POST**`/api/admin/managers/{manager}/meta`Store or update a meta key/value pair for that manager.**GET**`/api/admin/managers/{manager}/activities`Return paginated activity logs for manager. Supports `search` by type or meta.**GET**`/api/admin/managers/{manager}/activities/{activity}`Return a single activity entry with full metadata. Used by UI modal viewer.--- ### 🔐 Middlewares [](#-middlewares) Middleware aliases used across the **Esanj** services to secure routes and APIs. AliasClassPurpose`manager.auth:{api/web}``CheckAuthManagerMiddleware`Ensures that a manager is authenticated before accessing protected routes.`manager.permission``CheckManagerPermissionMiddleware`Checks if the current manager has the required permissions to access a route.**Usage Example:** ``` // Web routes protected by manager authentication and permission checks Route::middleware(['auth.manager', 'manager.permission:manage-users'])->group(function () { Route::get('/dashboard', [DashboardController::class, 'index']); }); // API routes protected by token authentication Route::middleware('manager.auth:api')->group(function () { Route::get('/api/data', [ApiController::class, 'fetch']); }); ``` ### 🧩 Using `@can` for Authorization [](#-using-can-for-authorization) The **Esanj Manager Package** provides a full role‑based and permission‑based authorization layer on top of Laravel’s native `Gate` system. At the Blade level, all **permission checks** are made using the `@can`directive, but internally these checks respect the **Manager guard** and **manager‑specific permissions** defined in `config/esanj/manager.php`. --- 📜 License --------- [](#-license) This package is released under the **MIT License**. ### Health Score 41 — FairBetter than 89% of packages Maintenance83 Actively maintained with recent releases Popularity9 Limited adoption so far Community10 Small or concentrated contributor base Maturity54 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~9 days Recently: every ~26 days Total 24 Last Release 90d ago PHP version history (2 changes)v0.1.0PHP ^8.2 v0.1.2PHP ^8.2|^8.3|^8.4 ### Community Maintainers ![](https://www.gravatar.com/avatar/c908dfdf092a072c4bc678b161b053e20d00f90e9e9ba2c18ecddef6b848f1a4?d=identicon)[esanj](/maintainers/esanj) --- Top Contributors [![itsalifadaei](https://avatars.githubusercontent.com/u/34383343?v=4)](https://github.com/itsalifadaei "itsalifadaei (121 commits)") ### Embed Badge ![Health badge](/badges/esanj-managers/health.svg) ``` [![Health](https://phpackages.com/badges/esanj-managers/health.svg)](https://phpackages.com/packages/esanj-managers) ``` ### Alternatives [robsontenorio/laravel-keycloak-guard 🔑 Simple Keycloak Guard for Laravel 5161.1M3](/packages/robsontenorio-laravel-keycloak-guard)[kovah/laravel-socialite-oidc OpenID Connect OAuth2 Provider for Laravel Socialite 2073.7k](/packages/kovah-laravel-socialite-oidc)[truckersmp/steam-socialite Laravel Socialite provider for Steam OpenID. 1516.7k](/packages/truckersmp-steam-socialite)[vinkas/firebase-auth-laravel Firebase Authentication package for Laravel PHP Framework 392.1k](/packages/vinkas-firebase-auth-laravel)[pschocke/laravel-telegram-login-widget Easily integrate Telegrams login widget into your Laravel application to send Telegram messages 1610.4k](/packages/pschocke-laravel-telegram-login-widget) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)