PHPackages                             jomweb/cake-impersonate - PHPackages - PHPackages  [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register)

1. [Directory](/)
2. /
3. [Authentication &amp; Authorization](/categories/authentication)
4. /
5. jomweb/cake-impersonate

ActiveCakephp-plugin[Authentication &amp; Authorization](/categories/authentication)

jomweb/cake-impersonate
=======================

Impersonate plugin for CakePHP 3

3.0.0(7y ago)74.2k3[1 issues](https://github.com/jomweb/CakeImpersonate/issues)MITPHPPHP &gt;5.6

Since Oct 29Pushed 6y ago5 watchersCompare

[ Source](https://github.com/jomweb/CakeImpersonate)[ Packagist](https://packagist.org/packages/jomweb/cake-impersonate)[ RSS](/packages/jomweb-cake-impersonate/feed)WikiDiscussions master Synced 1mo ago

READMEChangelog (10)Dependencies (3)Versions (15)Used By (0)

CakeImpersonate Plugin
======================

[](#cakeimpersonate-plugin)

[![Build Status](https://camo.githubusercontent.com/a0a3cc76fcbc094561ef663911a6b15a57749f584dd362a228eeb74e21c81e8d/68747470733a2f2f7472617669732d63692e6f72672f6a6f6d7765622f43616b65496d706572736f6e6174652e7376673f6272616e63683d6d6173746572)](https://travis-ci.org/jomweb/CakeImpersonate)[![Coverage Status](https://camo.githubusercontent.com/a1e0580f18f3b8c95667bc18247394943fc959ebeee9ebdb94cae5119611f9b1/68747470733a2f2f636f6465636f762e696f2f67682f6a6f6d7765622f43616b65496d706572736f6e6174652f6272616e63682f6d61737465722f67726170682f62616467652e737667)](https://codecov.io/gh/jomweb/CakeImpersonate)[![Latest Stable Version](https://camo.githubusercontent.com/86ad00a13325be0f6eb3458cdce2554768a842322a31c3b723e1554c1e8ef0cd/68747470733a2f2f706f7365722e707567782e6f72672f6a6f6d7765622f63616b652d696d706572736f6e6174652f762f737461626c652e737667)](https://packagist.org/packages/jomweb/cake-impersonate)[![Minimum PHP Version](https://camo.githubusercontent.com/e97290c4047b8fc1152177fc8110cab416f31f18159b722b6b633a210a198861/687474703a2f2f696d672e736869656c64732e696f2f62616467652f7068702d253345253344253230352e362d3838393242462e737667)](https://php.net/)[![License](https://camo.githubusercontent.com/3efd3d8f21387daaf5a4fe448e570ce680cb914b73cbbe031ce81005a21fd181/68747470733a2f2f706f7365722e707567782e6f72672f6a6f6d7765622f63616b652d696d706572736f6e6174652f6c6963656e73652e737667)](https://packagist.org/packages/jomweb/cake-impersonate)[![Total Downloads](https://camo.githubusercontent.com/9f3631a8f39d8a2ccf4490026b7ca65e4277e3c6dec938ba322b296509731d32/68747470733a2f2f706f7365722e707567782e6f72672f6a6f6d7765622f63616b652d696d706572736f6e6174652f642f746f74616c2e737667)](https://packagist.org/packages/jomweb/cake-impersonate)

Impersonate Component
=====================

[](#impersonate-component)

A component that stores the current authentication session and creates new session for impersonating Users. User can revert back to original authentication sessions without the need to re-login.

Warning
-------

[](#warning)

Always double check that an attacker cannot "spoof" other users in the controller actions. To prevent hijacking of users accounts that the current request User shouldn't/wouldn't have normal access to. You should enable [CsfrComponent](https://book.cakephp.org/3.0/en/controllers/components/csrf.html) and [SecurityComponent](https://book.cakephp.org/3.0/en/controllers/components/security.html) in your Controller when loading this component.

***This Plugin does circumvent default authentication mechanisms***

Requirement
-----------

[](#requirement)

1. CakePHP 3.7 and above.

Installation/Upgrading
----------------------

[](#installationupgrading)

`composer require jomweb/cake-impersonate:"^3.0"`

### Plugin Load

[](#plugin-load)

Open \\src\\Application.php add

```
$this->addPlugin('CakeImpersonate');
```

to your bootstrap() method or call `bin/cake plugin load CakeImpersonate`

### Component Load

[](#component-load)

Load the component from controller

```
$this->loadComponent('CakeImpersonate.Impersonate');
```

### Configure Session Key

[](#configure-session-key)

Open `configure\app.php` and add

```
'Impersonate' => [
    'sessionKey' => 'OriginalAuth'
]
```

to the `return [];` or use `Configure::write('Impersonate.sessionKey', 'OriginalAuth');` when loading the component.

Usage
-----

[](#usage)

### Impersonate user

[](#impersonate-user)

This requires the request to be a `POST`, `PUT`, `DELETE` so it can be protected by `SecurityComponent` and `CsrfComponent`

```
$this->Impersonate->login($userIdToImpersonate);
```

### Check current user is impersonated

[](#check-current-user-is-impersonated)

```
$this->Impersonate->isImpersonated();
```

### Logout from impersonating

[](#logout-from-impersonating)

```
$this->Impersonate->logout();
```

###  Health Score

35

—

LowBetter than 79% of packages

Maintenance17

Infrequent updates — may be unmaintained

Popularity28

Limited adoption so far

Community14

Small or concentrated contributor base

Maturity66

Established project with proven stability

 Bus Factor1

Top contributor holds 81.7% of commits — single point of failure

How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window.

**Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores.

**Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement.

**Maturity (30%)** — Project age, version count, PHP version support, and release stability.

###  Release Activity

Cadence

Every ~66 days

Recently: every ~92 days

Total

13

Last Release

2314d ago

Major Versions

v1.1 → 2.02018-11-22

2.1.6 → 3.0.0-RC12019-01-04

3.0.0 → 4.0.0-beta2019-12-30

PHP version history (2 changes)2.1.1PHP &gt;5.6

4.0.0-beta1PHP &gt;=7.2

### Community

Maintainers

![](https://avatars.githubusercontent.com/u/172966?v=4)[Mior Muhammad Zaki](/maintainers/crynobone)[@crynobone](https://github.com/crynobone)

![](https://www.gravatar.com/avatar/a4d6f5422753ffe4bb6a639c018465c0bed1a7f0a2cbf1db718682f47852c434?d=identicon)[akutaktau](/maintainers/akutaktau)

---

Top Contributors

[![challgren](https://avatars.githubusercontent.com/u/88909?v=4)](https://github.com/challgren "challgren (49 commits)")[![akutaktau](https://avatars.githubusercontent.com/u/408417?v=4)](https://github.com/akutaktau "akutaktau (11 commits)")

---

Tags

authenticationcakephp-plugincakephp3cakephp3ximpersonating-users

###  Code Quality

Code StylePHP\_CodeSniffer

### Embed Badge

![Health badge](/badges/jomweb-cake-impersonate/health.svg)

```
[![Health](https://phpackages.com/badges/jomweb-cake-impersonate/health.svg)](https://phpackages.com/packages/jomweb-cake-impersonate)
```

###  Alternatives

[cakedc/users

Users Plugin for CakePHP

524897.0k16](/packages/cakedc-users)[dereuromark/cakephp-tinyauth

A CakePHP plugin to handle user authentication and authorization the easy way.

129228.6k10](/packages/dereuromark-cakephp-tinyauth)[admad/cakephp-jwt-auth

CakePHP plugin for authenticating using JSON Web Tokens

160680.3k8](/packages/admad-cakephp-jwt-auth)[markstory/acl_extras

Additional tools for managing DB ACL in CakePHP applications.

155311.0k](/packages/markstory-acl-extras)[admad/cakephp-social-auth

A CakePHP plugin which allows you to authenticate using social providers like Facebook/Google/Twitter etc.

51298.3k1](/packages/admad-cakephp-social-auth)[cakedc/auth

Auth objects for CakePHP

31630.0k2](/packages/cakedc-auth)

PHPackages © 2026

[Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)