Server Requirements

In order to install the Vanguard application, your server must meet the following requirements:

• PHP >= 8.1.0
• OpenSSL PHP Extension
• PDO PHP Extension
• Mbstring PHP Extension
• Tokenizer PHP Extension
• Ctype PHP Extension
• JSON PHP Extension
• XML PHP Extension
• GD PHP Extension
• Fileinfo PHP Extension
• Xdebug Max Nesting Level (>= 500)

File System Permissions

To be able to start the installation at all, you must set appropriate permissions for storage folder and it's subfolders. So, the very first thing to do is to set permissions to 777 for storage folder, all it's subfolders as well as settings.json file.

After setting the permissions you are ready to proceed to the installation.

Installing Vanguard

After downloading the ZIP archive, and uploading it to your server, the first thing you have to do is to create the database where system tables will be created. Let's say, you create the database called vanguard.

Step 1 - Welcome Screen

After creating the database next step is accessing the application URL from a browser. One thing you need to know is that Laravel is designed to allow HTTP access to the application from your public folder only. This means that Vanguard application will be available at yourdomain.com/public. It is good enough for installation and development purposes, however, for production you will probably want to have your application available at yourdomain.com. In next section I will show you how you can accomplish that.

Ok, since this is the first time that you are accessing the system, the installation wizard, will be displayed.

Note! If you get 500 Server Error when you try to access the script installer, this usually means that your storage/ directory is not writable and that Laravel is unable to compile views or start the session. To fix this, just update the permissions like it is described above.

Note! If you are not able to access the website by accessing yourdomain.com/public, but you are able to access it via yourdomain.com/public/index.php, this means that you probably don't have Apache mod_rewrite installed and enabled. You can find more info about fixing this issue here.

Step 2 - System Requirements

After clicking on "Next" button, you will be redirected to the second step during the installation wizard, System Requirements.

In order to install the script, your system must have installed and enabled all PHP extensions listed on that second installation step.

Step 3 - Directory Permissions

After successfully enabling and installing all required PHP extensions, next step is to set the appropriate permissions for some system folders. All directories listed on step 3 has to be writable by the application, as it is displayed on the following picture.

After making all those directories writable by changing their permissions to 777 (or 775, if the owner of your files is web server user), you are ready to proceed to next step and insert your database credentials.

Step 4 - Database Info

On step 4 you have to fill in your database credentials and choose a prefix for your database tables if you want. Of course, you can leave prefix field empty if you don't want your database tables to be prefixed.

If you have any problems saying that Vanguard is unable to connect to your database, you can check error log inside storage/logs directory for more information about the error.

Step 5 - Installation

After passing all those steps, you are now ready to install your application. If you want, you can change application name to something else by typing the application name here, before you press the Install button.

Once you are ready, just press the Install button and installation process will start immediately. It should not take more than few seconds.

Step 6 - Complete Installation

Once the application is successfully completed, you will see the last step from installation wizard, as per below

A default user will be created for you with following credentials:

username: admin password: admin123

NOTE! Since your root directory is still writable by the group, you should now change the permissions to 755 and make it writable only by root system user. This is for security reasons.

NOTE! Don't forget to change default user's credentials before you put the application to production!

Application URL

So, if you are wondering why your application is available only when you access the public folder of your website, the answer is relatively simple: because of security! This means that only your public folder should be accessible from the browser and that app, storage and other folders should not.

The best way to use your application in production is to change the document root inside nginx or Apache configuration files, to point to your public directory.

If you are using nginx, here is beginners guide that will let you know how you can change your document root to point to public folder, instead of root application folder.

On the other hand, if you are using Apache, there is good Stack Overflow answer to how you can change the document root to point to some other folder (public folder in our case). Also, you can create Apache Virtual Hosts (more info on this can be found here) that will allow you to point your application to serve files from public folder and leave your other applications on same server untouched.

But, what if you are hosting your application on some shared hosting and you are not able to change your document root? In that case, you will have to modify some application files.

Changing Application's Public Directory

Let's say that you want to upload your application to some shared hosting. Typically, there will be an public_html directory where you would upload your application since everything that's inside that directory will be accessible via HTTP. But, as it is already mentioned, it is not good from a security standpoint.

Step 1 - Uploading the application

So, in this case, the best way is to upload Vanguard application into its own folder that is one level above the public_html folder. In that case, your directory structure will look something like this:

.
..
/public_html
/some_other_folder
/Vanguard

In this case, we have uploaded our whole Vanguard app into Vanguard folder that is on the same level as your public_html folder, and it is not accessible from your browser.

Step2 - Copying public files

Now you need to copy everything from Vanguard's public folder to public_html folder on your server (you can remove Vanguard/public folder after moving those files).

This will allow us to change the name and location of public folder for our application.

Step3 - Updating index.php file

The final step is to update the index.php file you have copied from public to public_html directory. So, go to public_html and edit index.php file and update it as follows:

//update path to autoload.php file
require __DIR__.'/../Vanguard/vendor/autoload.php';

//update path to app.php file
$app = require_once __DIR__.'/../Vanguard/bootstrap/app.php';

//this line should be added right after previous line where $app variable 
//is defined and it is used to tell Laravel where your public folder is now. 
//Do not change it, just copy and paste it!
$app->usePublicPath(__DIR__);

//leave the rest unchanged

And that's it, Vanguard application will now be available at yourdomain.com, and all application files will be secured.

Of course, if you want, you can place public Vanguard files (those files you have copied to public_html directory int Step 2) into any other folder/subfolder on your website, as long as you update the path to autoload.php and app.php files inside your index.php file.

Re-Installing The App

Let's say that you have installed the Vanguard application, but, for some reason, you want to re-install it and start from scratch.

In that case, the easiest way is to just delete the whole application and drop all DB tables and start the installation process again. However, in case you have modified only one or two files, you don't have to delete and re-upload the whole app because of that. You simply can replace those modified files with original files from the ZIP archive, remove the database and remove .env file from Vanguard's root folder. The .env file is the key here since Vanguard will check if that file exists on every request and, if a file does not exist, you will be redirected to the installation wizard automatically.

Social Authentication

If you want to allow social authentication for your users, you will have to define which social providers you want to allow. The list of social providers is declared inside config/auth.php file. Vanguard supports Facebook, Twitter, and Google+ by default.

The following code is an example of allowing all three default supported providers for Vanguard application:

'social' => [
    'providers' => ['facebook', 'twitter', 'google']
],

If you want to disable some social providers, just remove it from that providers array and you are good to go. Also, if you don't want social authentication on your website, just empty that providers array, as follows:

'social' => [
    'providers' => []
],

Facebook

Here is a detailed explanation of how you can create a Facebook application and acquire the application id and secret key, required for social authentication. During the application creation and configuration, make sure that you have entered the correct application domain on the application's settings page.

After you create an application, you can find your App ID and App Secret keys on your application's Dashboard. Those keys should be copied to .env the configuration file available inside Vanguard's root directory, as follows:

FACEBOOK_CLIENT_ID=your_application_id_from_facebook
FACEBOOK_CLIENT_SECRET=your_application_secret_from_facebook
FACEBOOK_CALLBACK_URI=http://YOUR_DOMAIN/auth/facebook/callback

Note! The .env file will be available inside your root folder after successful installation, so make sure that you have already installed the application before you start the configuration process.

Note on Callback URL

Since all social providers require a callback url, if you haven't removed public from your application url, make sure that you provide the correct callback url that also contains public segment. So, for example, your Facebook callback will look like this

http://YOUR_DOMAIN/public/auth/facebook/callback

Twitter

In order to create Twitter application, and get the required Application Id and Secret key, go to Twitter Application Management and click Create New App button at the top right corner. When app creation form is opened, fill all required fields and click Create your Twitter Application button at the bottom of the page.

Note! Your Callback URL is http://YOUR_DOMAIN/auth/twitter/callback.

After the application is created, go to the Keys and Access Tokens tab, grab your Consumer Key and Consumer Secret, and paste them into your .env file as follows:

TWITTER_CLIENT_ID=your_consumer_key
TWITTER_CLIENT_SECRET=your_consumer_secret
TWITTER_CALLBACK_URI=http://YOUR_DOMAIN/auth/twitter/callback

Google+

In order to utilize Google+ Authentication, first you need to create a new Google Project/Application. To do that, go to https://console.developers.google.com/project, click the Create project button at the top left corner, and enter your Project name.

After you have created your project, you now have to enable Google+ API and get the credentials that will be used for authentication. Go to https://console.developers.google.com/apis/library, select your project from the drop-down available on the top right header, and click on the Google+ API link inside the list of available Google APIs.

After opening the Google+ API page, click the Enable API button in order to enable the API.

After enabling the API, the only remaining step is to get the credentials you need. Just click on the Go to Credentials button, fill in the displayed credentials form as follows, and click What credentials do I need? button:

After entering the required application Name, make sure that you enter http://YOUR_DOMAIN in Authorized JavaScript origins section, and http://YOUR_DOMAIN/auth/google/callback in Authorized redirect URIs section.

After you fill those fields, click Create client ID button, provide your product name as required, and get your Client Id and Client Secret keys.

When you have those keys, the only thing left for you to do is to paste them into your .env file as follows:

GOOGLE_CLIENT_ID=your_client_id
GOOGLE_CLIENT_SECRET=your_client_secret
GOOGLE_CALLBACK_URI=http://YOUR_DOMAIN/auth/google/callback

Google reCAPTCHA

Google's reCAPTCHA is available for Vanguard's user registration form. Enabling reCAPTCHA is, fortunately, an easy thing to do. Just go to reCaptcha Website, pick the "Challenge (v2)" for the reCaptcha type, get your Site Key and Secret Key, and paste them into your .env file as follows:

RECAPTCHA_SECRETKEY=your_recaptcha_secret_key
RECAPTCHA_SITEKEY=your_recaptcha_site_key

That's all you need to do. Now you can enable or disable reCAPTCHA on your registration page from the Auth and Registration settings page.

Email Configuration

By default, Vanguard will be configured to use a native PHP mail driver for sending emails. However, you can configure it to use SMTP, Sendmail, Mailgun, Mandrill, Amazon SES or Log driver (good for development purposes).

Here we will cover only SMTP configuration, and if you are interested in other options mentioned above, you can find all details of how to enable them inside Laravel Documentation.

SMTP

In order to switch to an SMTP driver, instead of native PHP mail, just open your .env file and define your mail environment variables as follows:

MAIL_MAILER=smtp
MAIL_HOST=your_smtp_host
MAIL_PORT=your_smtp_port
MAIL_USERNAME=your_smtp_username
MAIL_PASSWORD=your_smtp_password
MAIL_ENCRYPTION=your_smtp_encryption

Note! If your SMTP server does not have encryption, just set it to null, or set it to blank like this: MAIL_ENCRYPTION=.

Additional Mail Configuration

One thing that you would want to configure for your application is your "From" email address and "From" name. You can do that by editing config/mail.php file and updating from array to fit your needs.

Session Configuration

Vanguard supports multiple session drivers like File, Cookie, Database, APC, Memcached, Redis and Array (used for testing purposes only).

Note! The default session driver is Database, since it is the only driver that supports user session management. If you change the database driver to any other driver than the session, Active Sessions Management feature will be disabled.

Changing the session driver is as easy as updating your SESSION_DRIVER variable inside .env file and changing its value to one of the above drivers (all lowercase).

For example, if you want to switch to File session driver, you will update your .env file like the following:

SESSION_DRIVER=file

That's it, you don't have to change anything inside your codebase. Everything will be working as usual, except you won't be able to track user sessions.

More session configuration options are available inside the config/session.php configuration file. Feel free to check that file and configure things such as session lifetime, session cookie name, etc.

HTTPS

If you want to force all the pages to be accessed via HTTPS, the recommended way to do so is via your web server configuration. If you are using Apache or Nginx, or some other web server, you can easily configure them to redirect all traffic to HTTPS.

However, if you are not sure how to do that or your server configuration does not allow you so, you can simply add FORCE_SSL variable to your .env file and set it to true. It will force all links to be served via HTTPS. So, inside your .env file, it should look like the following:

//... 
FORCE_SSL=true

Date/Time Format

Date and date-time format can be configured inside the config/app.php file. By editing date_format and date_time_format configuration parameters you are able to configure how it will be formatted across the application.

JSON API

Built-in JSON API is disabled by default, and if you want to enable it, just add a new .env variable like the following:

//... 
EXPOSE_API=true

After that, your API will be located at yourcomain.com/api and you can start using it. More info about the JSON API can be found here.

If you already have an existing PHP application, and you want to add user login and registration features, this section will show you how to accomplish that with Vanguard.

If can, it is highly recommended to move your application to Laravel framework and incorporate it inside Vanguard application. This will give you a ton of great features and abilities, and make your website more organised and maintainable.

For the purpose of this example, we will create a very simple one-page website that we will protect using Vanguard. We will first protect the whole page and make it be available for authenticated users only. After that, we will make that webpage display some content only for authenticated users, and if user is a guest then he won't be able to see that content. For the purpose of this example, we will create a very simple one-page website that we will protect using Vanguard. We will first protect the whole page and make it be available for authenticated users only. After that, we will make that webpage display some content only for authenticated users, and if user is a guest then he won't be able to see that content.

Website Structure

The HTML for example page is given below:

<!doctype html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>My Website</title>

    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
</head>
<body>

<div class="container">
    <h1>My Simple Website</h1>

    <br>

    <div class="well">
        Lorem ipsum dolor sit amet, consectetur adipisicing elit. Consectetur debitis distinctio dolore
        eligendi enim fugit ipsa nemo odio odit quam quibusdam sapiente, voluptatum? Asperiores quis, rerum? Aperiam
        iusto nostrum repellat?
    </div>

    <h4>Random List</h4>
    <ul class="list-group">
        <li class="list-group-item">Cras justo odio</li>
        <li class="list-group-item">Dapibus ac facilisis in</li>
        <li class="list-group-item">Morbi leo risus</li>
        <li class="list-group-item">Porta ac consectetur ac</li>
        <li class="list-group-item">Vestibulum at eros</li>
    </ul>
</div>

</body>
</html>

And, this page currently looking like this:

Protecting The Website

In order to protect the website and allow access to authenticated users only, all you have to do is to add following code snippet at the top of the webpage you want to protect:

<?php

// This should be equal to: PATH_TO_VANGUARD_FOLDER/extra/auth.php
require_once __DIR__ . '/../extra/auth.php';

// Here we just check if user is not 
// logged in, and in that case we redirect
// the user to vanguard login page.
if (! Auth::check()) {
    redirectTo('login');
}

?>

Note! Make sure that you don't have any blank space before open <?php tag, not even a space!

If your Vanguard installation is inside some subfolder, just make sure that you call redirectTo method with correct parameter. For example, if you have installed Vanguard inside vanguard folder that is in your server's root, your redirectTo function call should look like this:

//...
    redirectTo('vanguard/login');
//...

Redirecting to Custom Page After Login

In case you want to redirect users to some custom page after successful authentication, this can be easily achieved with Vanguard as following:

//This can be url to any page, it doesn't matter
//if it is on your existing website or not
$to = "http://www.google.com";

if (! Auth::check()) {
    redirectTo('login?to=' . $to);
} 

There are many cases where you want to return user to current page after they successfully log in via Vanguard. Fortunately, previous example does exactly what you need, and the only thing you need to change is redirect page. Here is an example:

//Move this to some helper function if you need it more than once
 $currentUrl = (empty($_SERVER["HTTPS"]) ? "http://" : "https://") . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"];

 if (! Auth::check()) {
     redirectTo('login?to=' . $currentUrl);
 } 

Displaying Content For Authenticated Users Only

What if you want to still display a page to guest users, but hide some content from them and make it visible to authenticated users only? Luckily, Vanguard makes such task pretty easy.

First, lets modify the content of the website as following:

<?php require_once __DIR__ . '/../extra/auth.php'; ?>
<!doctype html>
<html lang="en">
<head>
    <meta charset="UTF-8">
    <title>My Website</title>

    <link rel="stylesheet" href="https://maxcdn.bootstrapcdn.com/bootstrap/3.3.6/css/bootstrap.min.css">
</head>
<body>

<div class="container">
    <h1>
        My Simple Website
        <?php if (Auth::check()): ?>
            <a href="logout" class="btn btn-default pull-right">Logout</a>
        <?php else: ?>
            <a href="logout" class="btn btn-primary pull-right">Login</a>
        <?php endif; ?>
    </h1>

    <br>

    <div class="well">
        Lorem ipsum dolor sit amet, consectetur adipisicing elit. Consectetur debitis distinctio dolore
        eligendi enim fugit ipsa nemo odio odit quam quibusdam sapiente, voluptatum? Asperiores quis, rerum? Aperiam
        iusto nostrum repellat?
    </div>

    <?php if (Auth::check()): ?>
        <h4>Random List</h4>
        <ul class="list-group">
            <li class="list-group-item">Cras justo odio</li>
            <li class="list-group-item">Dapibus ac facilisis in</li>
            <li class="list-group-item">Morbi leo risus</li>
            <li class="list-group-item">Porta ac consectetur ac</li>
            <li class="list-group-item">Vestibulum at eros</li>
        </ul>
    <?php endif; ?>
</div>

</body>
</html>

Now, if we access the website as non-authenticated (guest) user, the page will look like following

So, as you can see, it works like this:

<?php if (Auth::check()): ?>
   // content here will be displayed only if user is authenticated
<?php else: ?>
   // content here will be displayed only for guest users
<?php endif; ?>

This means that, on webiste above, we did the following:

1. If user is logged in, then we will display logout button. Otherwise, we will display Login button.
2. We will display Random List element only if user is logged in.

Displaying Content Based On User Role

From outside (and from inside) of Vanguard application, currently logged in user can be fetched using Auth Facade, like following:

$user = Auth::user();

Now, by calling echo $user->first_name; it will print the value inside first_name database column for that specific user. So, as you can imagine, it work for all db columns, not only for first_name. If you are interested to learn more about models in Laravel, check the documentation.

If we want to check if user has some role, it can be done like this:

$user->hasRole('Admin');

The parameter used for hasRole function is role name. Check roles and permissions section for more details about what is name attribute and how you can create/manage roles in Vanguard.

So, since we now know how to check if user has specific role, rendering some content or doing some action based on user's role is almost the same as we did for authenticated/non-authenticated users.

The modified website example will display Random List section only if currently logged in user has Admin role:

//...

    <?php if (Auth::user()->hasRole('Admin')): ?>
        <h4>Random List</h4>
        <ul class="list-group">
            <li class="list-group-item">Cras justo odio</li>
            <li class="list-group-item">Dapibus ac facilisis in</li>
            <li class="list-group-item">Morbi leo risus</li>
            <li class="list-group-item">Porta ac consectetur ac</li>
            <li class="list-group-item">Vestibulum at eros</li>
        </ul>
    <?php endif; ?>

//...

Displaying Content Based On User Permissions

If we want to check if some user has some permission, we can simply do that by calling hasPermission method on some user instance, with permission name as parameter, like following:

//This function call will return TRUE if 
//user has specified permission, and false otherwise
$user->hasPermission('users.manage')

Now, if we want to display Random List content from our example website to user with see_random_list permission, we can do it like following:

//...

    <?php if (Auth::user()->hasPermission('see_random_list')): ?>
        <h4>Random List</h4>
        <ul class="list-group">
            <li class="list-group-item">Cras justo odio</li>
            <li class="list-group-item">Dapibus ac facilisis in</li>
            <li class="list-group-item">Morbi leo risus</li>
            <li class="list-group-item">Porta ac consectetur ac</li>
            <li class="list-group-item">Vestibulum at eros</li>
        </ul>
    <?php endif; ?>

//...

Of course, since see_random_list permission does not exist, we will have to create it first, as it is explained inside roles and permissions section, and set the name attribute to see_random_list (for Display Name we can use anything we want, ex: See Random List). When such permission is created, we can assign it to any role we want.

Of course, if you want, you can always create your own css file and include after the main application css file in resources/assets/layouts/app.blade.php layout file, but it is much easier to use sass for any styling you want to add or update.

Requirements

Laravel Mix, which is the default way to compile assets for Laravel applications, requires Node.js and NPM to be installed on your development machine. More info on how to install it is available in Mix's documentation.

Using Laravel Mix

After you install Node.js and NPM, you need to run the following command from a Vanguard's root directory to install all required packages:

npm install

After the package installation is finished, you can run the following commands to compile (and minify) Vanguard styles:

// Run all Mix tasks...
npm run dev

// Run all Mix tasks and minify output...
npm run production

By running the above commands you will automatically compile everything to plain CSS and put it in public/assets/css/app.css file.

More info about other available Laravel Mix commands can be found in Mix's documentation.

Changing Theme Colors

As mentioned above, Vanguard's theme is based on Bootstrap 4, which means that you can easily override any SASS variables available inside the bootstrap itself like it's explained in Bootstrap's documentation.

Vanguard overrides some of Bootstrap's variables in resources/assets/sass/_variables.scss file. So, for example, if you want to change the theme primary color from #179970 to #aa0000 all you need to do is to update the $primary variable in _variables.scss file like follows

$primary: #aa0000;

and then to run the following command

npm run dev

// or, if you are building for production version of the site
npm run prod

Registration form customization is something that probably no one can avoid if it comes to Vanguard customization. If you are familiar with Laravel then adding another field into registration form will be an easy task for you.

However, for those who don't have a clue how Laravel is working, this will be a challenging tutorial.

Let us say that we want to add two new fields to the registration form: Nick Name and Country. Also, we will make Nick Name to be required and minimum 3 characters long.

This is probably the most difficult scenario, so if you understand how this one is working, then you can add any other field into that form.

Adding Missing Database Fields

Since Nick Name does not exist into our database schema, we will have to add it. There are many ways to add this field into users table, and we will cover two of them.

Laravel's Migrations (recommended)

Creating migrations for your database schema is the best way to create and modify your database schema. Also, since migrations are basically PHP files, those files will be stored on your Version Control System (Git, Mercurial, etc.) so any of your coworkers will have access to database schema that is being used for your project, and, the best thing about it, is that you will be able to see full history of changes for any of your database tables.

So, for our tutorial, we will create new database migrations by typing the following command into our terminal:

php artisan make:migration add_nick_name_field_to_users_table

After this command is executed, new file will be created into our database/migrations folder. Since we want to alter the existing users table, the newly created migration class will look like following:

use Illuminate\Database\Schema\Blueprint;
use Illuminate\Database\Migrations\Migration;

class AddNickNameFieldToUsersTable extends Migration
{
    /**
     * Run the migrations.
     *
     * @return void
     */
    public function up()
    {
        Schema::table('users', function (Blueprint $table) {
            $table->string('nick', 20);
        });
    }

    /**
     * Reverse the migrations.
     *
     * @return void
     */
    public function down()
    {
        Schema::table('users', function (Blueprint $table) {
            $table->dropColumn('nick');
        });
    }
}

When it is executed, this migration will add new column into users database table called nick, and it will be type of VARCHAR(20). If you want to learn more about Laravel Migrations, check the documentation.

Now, since our migration is ready, we can execute it by typing the following command into our terminal:

php artisan migrate

If you check the database using PHPMyAdmin (or some other similar app) you will see that our nick field is added to users database table.

Manually Add Missing Field

If for some reason you decide not to use the migrations for altering the database, you can manually add missing nick field using PHPMyAdmin or similar application. Just make it varchar(20) and we are good to go.

Note! This maybe looks easier for now, but what if you forgot to tell to your co-workers that you have added that new field? Or even if you tell them, each one of them will have to create it manually.

Updating RegisterController

Since we are going to allow users to select their country on the registration form, we have to fetch all available countries from the database and to pass those countries to our registration view.

In order to do that, we will have to edit app/Http/Controllers/Web/Auth/RegisterController.php file and update it's AuthController::show method as following (pay attention to the use code at the top of the file):

namespace Vanguard\Http\Controllers\Web\Auth;

use Vanguard\Repositories\Country\CountryRepository;

//...

/**
 * Show the application registration form.
 *
 * @param CountryRepository $countryRepository
 * @return \Illuminate\Http\Response
 */
public function show(CountryRepository $countryRepository)
{
    return view('auth.register', [
        'socialProviders' => config('auth.social.providers'),
        'countries' => $countryRepository->lists()
    ]);
}

Now, we have updated our controller method that is responsible for displaying the registration form and provided an array of countries to it in the following format

[
    'country1_id' => 'country1_name',
    'country2_id' => 'country2_name',
    //...
]

We are now ready to update the form HTML.

Updating Form HTML

As you can see from the previous code snippet, where we have updated the show method for our RegisterController, there is some view function call that says view('auth.register', .... This actually means that it Laravel will look for our view into resources/views/auth/ directory, it will look for file called register.blade.php. That's the file we need to update.

So, we will update resources/views/auth/register.blade.php file and add the following code snippet right after email input field:

<div class="form-group">
    <input type="text"
           name="nick"
           id="nick"
           class="form-control input-solid"
           placeholder="Nick Name"
           value="{{ old('nick') }}">
</div>
<div class="form-group">
    {!!
        Form::select(
            'country_id',
            $countries,
            old('country_id'),
            ['class' => 'form-control input-solid', 'id' => 'country_id']
        )
    !!}
</div>

This will render us the following registration form:

Note! If you curious how Form::select works, check Laravel Collective documentation.

Adding Validation

Since we have defined that Nick Name will be a required field with a minimum length of 3 characters, we have to add one more validation rule inside $rules array available in RegisterRequest::rules method in app/Http/Requests/Auth/RegisterRequest.php file.

So, right after password validation rules, add the following rule

$rules = [
    //...
    'nick' => 'required|min:3'
];

This validation rule will make our Nick Name field required his minimum length must be 3 characters.

Note! If you want to know more about Laravel validation and available validation rules, check the validation documentation.

Updating the User Model

Since we have added a new database field inside our users table, we have to update our users model and add that field to your fillable attributes array.

So, just edit app/User.php and add field nick into $fillable array, right after email_verified_at field.

Updating the Register Request

And the last step is to actually tell our RegisterController that we want him to use two more fields which we have added to our registration form.

To do that, just go to app/Http/Requests/Auth/RegisterRequest.php and inside validFormData method, replace

$this->only('email', 'username', 'password')

with

$this->only('email', 'username', 'password', 'country_id', 'nick')

And that's it, your registration form now have two more fields that are automatically validated and stored into the user's table after a successful registration. :)

The page we are going to add will be a simple page that will display the list of all users with active sessions.

Page Route

The first thing we will have to do is to create a new route for your page. We can do that by simply editing /routes/web.php file and adding the following code anywhere inside the file. I've added it on top.

Route::get('active-users', function () {
    return "Active users will be displayed here.";
})->name('active-users');

To verify that this code is actually working, you should go to yourwebsite.com/active-users and you should see following text on your screen:

Active users will be displayed here.

This means that your route is now working properly, so we can proceed and create a new controller that will handle the actual request, instead of using this closure, as we did in our example above.

One more thing, as you can see, we assigned a name to this route. This is a very handy feature since we can now reference our route by name, and in case that we want to change the URL to something else in the future, we'll be able to change it only inside our routes/web.php file, and everything will work without any broken links.

Note! You can find more about routes inside Laravel's documentation.

Creating The Controller

Creating a new controller in Laravel is pretty easy. If you are familiar with the terminal, you can navigate to Vanguard's root folder and type the following command

php artisan make:controller Web/ActiveUsersController

After you execute this command, the new controller will be automatically created for you and placed inside app/Http/Controllers/Web folder. The file will be named ActiveUsersController.php. You can also create the controller by manually creating a new controller file inside app/Http/Controllers/Web directory, if you are using the controller for Web application, or inside app/Http/Controllers/Api directory if the controller will be used for the API.

Now let's define our constructor and create new index method inside that controller. The controller will now look like following

namespace Vanguard\Http\Controllers\Web;

use Vanguard\Http\Controllers\Controller;

class ActiveUsersController extends Controller
{
    public function __construct()
    {
        // Allow access to authenticated users only.
        $this->middleware('auth');

        // Allow access to users with 'users.manage' permission.
        $this->middleware('permission:users.manage');
    }

    public function index()
    {
        return "Hello from ActiveUsersController";
    }
}

Since we now have the controller that will be responsible for our active users, we are free to update the route we created in the previous chapter to actually point to this index method we just created, instead of using closure:

// /routes/web.php

Route::get('active-users', 'ActiveUsersController@index')->name('active-users');
//...

You can probably see the pattern here. If we translate the route above into a sentence, it basically says something like this:

"When someone tries to access yourdomain.com/active-users, execute code that is located inside index method from ActiveUsersController."

Now, if you access yourdomain.com/active-users from your browser, you will see the following response

Hello from ActiveUsersController

Of course, since we added those two checks inside the controller's constructor, you will have to be logged in and you must have users.manage permission to access this page.

Note! You can find more about controllers inside Laravel's documentation.

Fetching Users From DB

It's time to write the actual query that will fetch all users with active sessions available inside sessions database table. It is a simple join query, and Eloquent makes it even easier.

We will modify our controller to look like the following:

namespace Vanguard\Http\Controllers\Web;

use Vanguard\Http\Controllers\Controller;
use Vanguard\User;

class ActiveUsersController extends Controller
{
    public function index()
    {
        // Fetch users from database
        $users = User::join('sessions', 'users.id', '=', 'sessions.user_id')
            ->select('users.*')
            ->distinct()
            ->get();

        // Uncomment the following line if you want to see the info you get from the database
        // dd($users);

        // Load appropriate view for displaying the users
        // Note: compact('users') is the same as ['users' => $users] 
        return view('user.active-users', compact('users'));   
    }
}

As you can see, our join query is really simple. At the and of the index method, we will render our view, which we are going to create now.

Page View

In Laravel, all views are located inside resources/views folder. You can create an unlimited number of sub-folders there, and group your views however you like it. One great thing is that you can use dot notation when you want to render that view. That means that instead of / you can use "." when you want to reference your view from a controller.

In our controller code, we are referencing our view like user.active-users which means that we will create a new file called active-users.blade.php inside resources/views/user folder. As mentioned, you can put your view anywhere inside the resources/views folder, but for what we are building, it looks like user folder is the best place to put it.

Note! Laravel uses Blade templating language which has its own tags and ways of building the templates. It is really simple, and you can learn more about it here.

Here is the source code of our view file:

@extends('layouts.app')

@section('page-title', 'Active Users')
@section('page-heading', 'Active Users')

@section('breadcrumbs')
    <li class="breadcrumb-item active">
        Active Users
    </li>
@stop

@section('content')
    @include('partials.messages')
    @foreach($users as $user)
        <div class="user media d-flex align-items-center">
            <div>
                <a href="#">
                    <img width="64" height="64"
                        class="media-object mr-3 rounded-circle img-thumbnail img-responsive"
                        src="{{ $user->present()->avatar }}">
                </a>
            </div>
            <div class="d-flex justify-content-center flex-column">
                <h5 class="mb-0">{{ $user->present()->name }}</h5>
                <small class="text-muted">{{ $user->email }}</small>
            </div>
        </div>
    @endforeach
@stop

@section('styles')
    <style>
        .user.media {
            float: left;
            border: 1px solid #dfdfdf;
            background-color: #fff;
            padding: 15px 20px;
            border-radius: 4px;
            margin-right: 15px;
        }
    </style>
@stop

Let's explain what is happening here:

@extends('layouts.app') - means that this file is extending default layout called app, which is located inside resources/views/layouts folder.

@section('page-title', 'Active Users') - page title. Check <title></title> element inside app layout to see where it will be printed out.

@section('page-heading', 'Active Users') - page heading. Text to be rendered inside the header.

@section('breadcrumbs') ... @stop - page-specific breadcrumbs.

@section('content') ... @stop - The actual content section. Everything that is inside those two tags (@section('content') and @stop) will be echoed out on the same place where @yield('content') is located inside the app layout. Inside this section, we are just looping through the passed array of users and printing them out. We are using bootstrap media object just to make things a bit prettier. You can also click on the user's avatar and it will take you to the user profile page.

@section('styles') ... @stop - Anything that is located inside this section will be automatically placed inside the header (check app layout and search for @yield('styles')) of the page. We are placing this CSS here just to make things easier and have everything in one file, but when you are building something, you will probably put the CSS inside public/assets/css/app.css file, since that's where Vanguard custom CSS is located.

If we open the page now, it will look like the following:

Sidebar Menu

As you can see, we are able to access this page, but only by manually typing the URL inside the browser's address bar. Let's add a new link inside the sidebar menu that will point to our newly created page.

All we have to do is to create a file named ActiveUsers.php inside the app/Support/Plugins folder with the following content:

<?php
namespace Vanguard\Support\Plugins;

use Vanguard\Plugins\Plugin;
use Vanguard\Support\Sidebar\Item;

class ActiveUsers extends Plugin
{
    public function sidebar()
    {
        return Item::create(__('Active Users'))
            ->route('active-users')
            ->icon('fas fa-users')
            ->active("active-users*")
            ->permissions('users.manage');
    }
}

After creating a file, you'll need to update the "plugins" array in VanguardServiceProvider to look like the following:

protected function plugins()
{
    return [
        //...
        \Vanguard\Support\Plugins\ActiveUsers::class,
    ];
}

By adding \Vanguard\Support\Plugins\ActiveUsers::class, to the list of plugins it will instruct Vanguard to execute the sidebar method from your ActiveUsers class and add the item to the sidebar.

If you refresh the page now, you will see the newly created sidebar menu item.

More info about the sidebar item configuration can be found inside the Plugins documentation.

In this example we will add 3 more different permissions: View User, Edit User and Remove User. Those permissions will allow us to have some users be able to access the users section, but some of them won't be able to do anything else than to edit user or view their profiles.

Creating Permissions

All permissions can be created through the UI, like it is explained in roles and permissions section.

Created permissions for this example have have following details:

Updating View Template

Now, since we have those permissions created, we need to update the view that is used for displaying users list. The HTML used for displaying the list of users is located inside resources/views/user/list.blade.php view file.

Our goal is to display buttons for editing, viewing or removing some user only if currently logged in user has the appropriate permission. In order to display something based on user's permissions, we just have to surround that HTML with following Blade directives:

@permission('user.view')
    // Anything here will be displayed only
    // if currently logged in user has "user.view" permission
@endpermission

So, to apply this to our use-case, we will surround those buttons like following:

@permission('user.view')
    <a href="{{ route('user.show', $user->id) }}" 
       class="btn btn-success btn-circle"
       title="View User" data-toggle="tooltip" data-placement="top">
       <i class="glyphicon glyphicon-eye-open"></i>
    </a>
@endpermission

// Do the same for all 3 buttons

Since view is now updated, if you access the yourdomain.com/user URL, you won't see those buttons for viewing, editing and removing users. But, as you probably already guessed, you are still able to edit some user by directly accessing the following URL yourdomain.com/user/USER_ID/edit. That's because the process is not completed yet, and you have to update your routes or controller.

Applying the Permissions

Removing the buttons from users list is not actually protecting the application. If users type a specific URL directly in the browser's address bar, they will be able to access the desired page. In order to protect this, we have to apply permission middleware.

This can be done in two ways. We can update the controller and add middleware directly inside the controller's constructor, or we can update routes/web.php file and apply middleware to a specific route.

In this example, we will add the permission middleware inside the UsersController. If you want to learn more about adding middleware on the route level, please check Laravel's documentation.

Updating UsersController

One way to protect our pages and make them available only for users with specific permissions is to add middleware directly to the controller's constructor. For our example, we have to edit app/Http/Controllers/Web/Users/UsersController.php controller and add the following code inside its __construct method:

$this->middleware('permission:user.view', ['only' => 'show']);

$this->middleware('permission:user.edit', ['only' => 'edit']);

$this->middleware('permission:user.remove', ['only' => 'destroy']);

After applying middleware to the controller's methods (the only option provided as the second argument means that permission middleware should only be applied to specified methods inside the controller), Vanguard will throw 403 Forbidden exceptions whenever someone tries to access the protected URL, and it will make that part of the system available only for users with appropriate permissions.

NOTE: This is just an example. Make sure that you add the permissions to other controllers inside the "app/Http/Controllers/Web/Users" folder to make sure that only users with specific permissions can be able directly send some HTTP requests to the any of the routes tied to those controllers and bypass the permissions check.

So, let's proceed and add GitHub authentication driver.

The Configuration File

The first thing we need to do is to edit the config/auth.php configuration file and add github into social providers array, like following:

'social' => [
    'providers' => ['facebook', 'twitter', 'google', 'github']
],

Login Page

Next step is to modify the login page and add GitHub button. The view file we need to modify is resources/views/auth/social/buttons.blade.php. We will add the following code at the end of the list:

@if (in_array('github', $socialProviders))
    <div class="col-{{ $colSize }} d-flex align-items-center justify-content-center">
        <a href="{{ url('auth/github/login') }}" style="color: #24292e;">
            <i class="fab fa-github fa-2x"></i>
        </a>
    </div>
@endif

It will make our login form look like this

GitHub Keys

After modifying our login page, we can now proceed and create GitHub oAuth application. Creating the application is simple, and you need to provide your application name, website URL as well as callback URL which will be used by Vanguard.

The callback URL should look like

http://yourdomain.com/auth/github/callback

Or, if you haven't removed public from your app URL, then it should be present in your callback URL too

 http://yourdomain.com/public/auth/github/callback

After you create the GitHub application, you should grab your Client ID and Client Secret and create the following variables inside your .env file:

GITHUB_CLIENT_ID=<your_client_id_here>
GITHUB_CLIENT_SECRET=<your_client_secret_here>
GITHUB_CALLBACK_URI=<your_callback_uri_from_above>

Socialite Configuration

The last piece of the puzzle is to let socialite know your GitHub keys and callback URI. To do so, just add the following code to your config/services.php configuration file

'github' => [
    'client_id' => env('GITHUB_CLIENT_ID'),
    'client_secret' => env('GITHUB_CLIENT_SECRET'),
    'redirect' => env('GITHUB_CALLBACK_URI'),
],

And that's it, you can now go to the login page, click that GitHub button we have created and log in with your GitHub account.

/resources
    /lang
        /en
            app.php
        /es
            app.php

Available Locales

Out of the box, you can switch among the following locales:

• English
• Serbian Latin
• German

More locales will be added in the future.

Translating Vanguard

If you want to translate the Vanguard application, all you need to do is to create a subfolder inside resources/lang directory that matches your locale, copy the files from the existing locale (en for example), and translate them into your language.

Note! Vanguard specific file is app.php. All other files are Laravel's default localization files, and there is a big chance that someone has already translated those files for you. Check it out here.

For example, if we want to translate Vanguard to Russian, we will do the following:

1. Create a new folder inside resources/lang called ru.

2. Copy the app.php files from resources/lang/en to your newly created ru folder.

3. Translate the copied file to Russian.

4. Download Laravel's default translation files for the Russian language from here and put them inside your newly created ru folder.

Enabling a New Application Locale

Now, when you have your translations ready, you just need to update the app/Support/Locale.php file and add the new translation.

For example, if we want to set our language to Russian, we would set that variable as follows:

//...
public const AVAILABLE_LOCALES = ['en', 'de', 'sr', 'ru'];

public static function flagUrl(string $locale): ?string
{
    return match ($locale) {
        'en' => url('/flags/GB.png'),
        'de' => url('/flags/DE.png'),
        'sr' => url('/flags/RS.png'),
        'ru' => url('/flags/RU.png'),
        default => null,
    };
}
//...

After this, a new locale will show up in the language dropdown and you will be able to switch to it right away.

To enable development mode, all you need to do is to modify your .env file and set APP_ENV and APP_DEBUG to following values:

APP_ENV=local
APP_DEBUG=true

Debug Bar

Vanguard comes with awesome Laravel Debugbar package that is automatically enabled for you if you enable development mode like it is described above. The package itself is very helpful during the development process, and you can use it to see which queries are executed during page load, to check the session data etc.

NOTE: While doing the upgrade, it's always a good idea to have the Development Mode​ turned on so you can easily see the errors on the screen.

To 10.0.3 from 10.0.2

Fixed installation wizard issue and issue with sending approval notification email. Affected files:

 app/Http/Controllers/Web/InstallController.php            |   2 +-
 app/Listeners/Approve/SendWaitingApprovalNotification.php |   2 +-

To 10.0.2 from 10.0.1

Fixes some glitches reported by the users, mainly caused by changes in the default namespace of the application.

The fixes are:

• Fix the issue with sending password reset emails
• Fix the `php artisan optimize` command
• Fix the avatar image URL
• Fix the issue with using Vanguard for the existing website

The list of changed files is available below. Some files are updated just for cleaning up purposes, so make sure that you compare them before updating:

 app/Http/Controllers/Web/TwoFactorController.php       | 10 ----------
 app/Http/Middleware/CheckPermissions.php               |  2 +-
 app/Models/User.php                                    |  2 +-
 app/Presenters/UserPresenter.php                       |  2 +-
 bootstrap/app.php                                      |  1 +
 config/app.php                                         |  2 +-
 config/cache.php                                       |  2 +-
 database/factories/UserFactory.php                     |  4 +---
 extra/auth.php                                         |  2 +-
 phpunit.xml                                            | 50 ++++++++++++++++++++++++++------------------------
 resources/views/user/partials/two-factor.blade.php     |  2 +-
 resources/views/user/two-factor-verification.blade.php | 73 -------------------------------------------------------------------------
 routes/web.php                                         | 12 ++++--------
 storage/settings.json                                  |  2 +-
 tests/CreatesApplication.php                           | 24 ------------------------
 tests/Feature/Api/Profile/AvatarControllerTest.php     | 14 +++++++-------
 tests/Feature/Api/SessionsControllerTest.php           | 12 ++++++------
 tests/Feature/Api/Users/AvatarControllerTest.php       | 16 ++++++++--------
 tests/Feature/Api/Users/SessionsControllerTest.php     |  7 +++----
 tests/Feature/Web/LoginTest.php                        | 30 +++++++++++++-----------------
 tests/Feature/Web/RegistrationTest.php                 | 25 +++++++++----------------
 tests/Feature/Web/Settings/AuthSettingsTest.php        | 45 +++++++++++++++++----------------------------
 tests/Feature/Web/SettingsTest.php                     | 24 +++++-------------------
 tests/TestCase.php                                     |  2 --
 tests/Unit/Presenters/UserPresenterTest.php            | 14 +++++++-------
 25 files changed, 115 insertions(+), 264 deletions(-)

To 10.0.1 from 10.0.0

This version contains just a fix in the installation wizard. If you are already using Vanguard, there is no need to update any of the files. 

If you are installing it from scratch, just download the latest version from CodeCanyon, and you should be good to go.

The list of changed files is available below:

 .env.example                                   | 46 +-
 app/Http/Controllers/Web/InstallController.php | 47 +--
 bootstrap/app.php                              |  5 ++++-
 config/app.php                                 |  2 +-
 config/session.php                             |  2 +-
composer.lock                                   | 42 +- // updated composer packages to latest versions

To 10.0.0 from 9.1.0

Laravel 12 upgrade.

Along with the Laravel 12 upgrade, which comes with a bit reorganized folder structure, the default namespace is changed to "App" instead of "Vanguard". This change was not required by Laravel 12, however, we made the decision to keep it consistent with Laravel's defaults, instead of having a custom namespace.

The list of changed files is available below. Keep in mind that in the majority of files the only change is the namespace change at the top of the file:

 app/Console/Kernel.php                                                      |    27 -
 app/Events/Event.php                                                        |     2 +-
 app/Events/Permission/Created.php                                           |     2 +-
 app/Events/Permission/Deleted.php                                           |     2 +-
 app/Events/Permission/PermissionEvent.php                                   |     4 +-
 app/Events/Permission/Updated.php                                           |     2 +-
 app/Events/Role/Created.php                                                 |     2 +-
 app/Events/Role/Deleted.php                                                 |     2 +-
 app/Events/Role/PermissionsUpdated.php                                      |     2 +-
 app/Events/Role/RoleEvent.php                                               |     4 +-
 app/Events/Role/Updated.php                                                 |     2 +-
 app/Events/Settings/Updated.php                                             |     2 +-
 app/Events/User/Approved.php                                                |     4 +-
 app/Events/User/Banned.php                                                  |     4 +-
 app/Events/User/ChangedAvatar.php                                           |     2 +-
 app/Events/User/Created.php                                                 |     4 +-
 app/Events/User/Deleted.php                                                 |     4 +-
 app/Events/User/LoggedIn.php                                                |     2 +-
 app/Events/User/LoggedOut.php                                               |     2 +-
 app/Events/User/RequestedPasswordResetEmail.php                             |     4 +-
 app/Events/User/TwoFactorDisabled.php                                       |     2 +-
 app/Events/User/TwoFactorDisabledByAdmin.php                                |     4 +-
 app/Events/User/TwoFactorEnabled.php                                        |     2 +-
 app/Events/User/TwoFactorEnabledByAdmin.php                                 |     4 +-
 app/Events/User/UpdatedByAdmin.php                                          |     4 +-
 app/Events/User/UpdatedProfileDetails.php                                   |     2 +-
 app/Exceptions/Handler.php                                                  |    40 -
 app/Http/Controllers/Api/ApiController.php                                  |     4 +-
 app/Http/Controllers/Api/Auth/AuthController.php                            |    12 +-
 app/Http/Controllers/Api/Auth/Password/RemindController.php                 |    12 +-
 app/Http/Controllers/Api/Auth/Password/ResetController.php                  |     6 +-
 app/Http/Controllers/Api/Auth/RegistrationController.php                    |    14 +-
 app/Http/Controllers/Api/Auth/SocialLoginController.php                     |    12 +-
 app/Http/Controllers/Api/Auth/VerificationController.php                    |     6 +-
 app/Http/Controllers/Api/Authorization/PermissionsController.php            |    16 +-
 app/Http/Controllers/Api/Authorization/RolePermissionsController.php        |    14 +-
 app/Http/Controllers/Api/Authorization/RolesController.php                  |    18 +-
 app/Http/Controllers/Api/CountriesController.php                            |     6 +-
 app/Http/Controllers/Api/Profile/AuthDetailsController.php                  |    10 +-
 app/Http/Controllers/Api/Profile/AvatarController.php                       |    14 +-
 app/Http/Controllers/Api/Profile/DetailsController.php                      |    12 +-
 app/Http/Controllers/Api/Profile/SessionsController.php                     |     8 +-
 app/Http/Controllers/Api/Profile/TwoFactorController.php                    |    12 +-
 app/Http/Controllers/Api/SessionsController.php                             |     6 +-
 app/Http/Controllers/Api/SettingsController.php                             |     2 +-
 app/Http/Controllers/Api/StatsController.php                                |     8 +-
 app/Http/Controllers/Api/Users/AvatarController.php                         |    16 +-
 app/Http/Controllers/Api/Users/SessionsController.php                       |    10 +-
 app/Http/Controllers/Api/Users/TwoFactorController.php                      |    14 +-
 app/Http/Controllers/Api/Users/UsersController.php                          |    24 +-
 app/Http/Controllers/Controller.php                                         |     2 +-
 app/Http/Controllers/Web/Auth/ForgotPasswordController.php                  |     4 +-
 app/Http/Controllers/Web/Auth/LoginController.php                           |    20 +-
 app/Http/Controllers/Web/Auth/RegisterController.php                        |    12 +-
 app/Http/Controllers/Web/Auth/ResetPasswordController.php                   |     4 +-
 app/Http/Controllers/Web/Auth/SocialAuthController.php                      |    12 +-
 app/Http/Controllers/Web/Auth/TwoFactorTokenController.php                  |    12 +-
 app/Http/Controllers/Web/Auth/VerificationController.php                    |     4 +-
 app/Http/Controllers/Web/Authorization/PermissionsController.php            |    14 +-
 app/Http/Controllers/Web/Authorization/RolePermissionsController.php        |     8 +-
 app/Http/Controllers/Web/Authorization/RolesController.php                  |    14 +-
 app/Http/Controllers/Web/DashboardController.php                            |     4 +-
 app/Http/Controllers/Web/InstallController.php                              |     4 +-
 app/Http/Controllers/Web/Profile/AvatarController.php                       |    10 +-
 app/Http/Controllers/Web/Profile/DetailsController.php                      |    10 +-
 app/Http/Controllers/Web/Profile/LoginDetailsController.php                 |    10 +-
 app/Http/Controllers/Web/Profile/ProfileController.php                      |    12 +-
 app/Http/Controllers/Web/Profile/SessionsController.php                     |     6 +-
 app/Http/Controllers/Web/SettingsController.php                             |     6 +-
 app/Http/Controllers/Web/TwoFactorController.php                            |    18 +-
 app/Http/Controllers/Web/Users/AvatarController.php                         |    12 +-
 app/Http/Controllers/Web/Users/DetailsController.php                        |    18 +-
 app/Http/Controllers/Web/Users/LoginDetailsController.php                   |    12 +-
 app/Http/Controllers/Web/Users/SessionsController.php                       |     8 +-
 app/Http/Controllers/Web/Users/UsersController.php                          |    18 +-
 app/Http/Filters/UserKeywordSearch.php                                      |     2 +-
 app/Http/Kernel.php                                                         |    98 -
 app/Http/Middleware/Authenticate.php                                        |     2 +-
 app/Http/Middleware/CheckIfBanned.php                                       |     2 +-
 app/Http/Middleware/CheckPermissions.php                                    |     2 +-
 app/Http/Middleware/CheckRole.php                                           |     2 +-
 app/Http/Middleware/DatabaseSession.php                                     |     2 +-
 app/Http/Middleware/EncryptCookies.php                                      |     2 +-
 app/Http/Middleware/EnsureUserIsApproved.php                                |     2 +-
 app/Http/Middleware/ForcePasswordChange.php                                 |     4 +-
 app/Http/Middleware/PasswordResetEnabled.php                                |     2 +-
 app/Http/Middleware/PreventRequestsDuringMaintenance.php                    |     2 +-
 app/Http/Middleware/RedirectIfAuthenticated.php                             |     4 +-
 app/Http/Middleware/RegistrationEnabled.php                                 |     2 +-
 app/Http/Middleware/SetLocale.php                                           |     4 +-
 app/Http/Middleware/SocialLogin.php                                         |     2 +-
 app/Http/Middleware/TrimStrings.php                                         |     2 +-
 app/Http/Middleware/TrustHosts.php                                          |     2 +-
 app/Http/Middleware/TrustProxies.php                                        |     2 +-
 app/Http/Middleware/TwoFactorEnabled.php                                    |     2 +-
 app/Http/Middleware/UseApiGuard.php                                         |     2 +-
 app/Http/Middleware/VerifyCsrfToken.php                                     |     2 +-
 app/Http/Middleware/VerifyInstallation.php                                  |     4 +-
 app/Http/Middleware/VerifyTwoFactorCode.php                                 |     4 +-
 app/Http/Requests/Auth/ApiLoginRequest.php                                  |     2 +-
 app/Http/Requests/Auth/ApiVerifyEmailRequest.php                            |     2 +-
 app/Http/Requests/Auth/LoginRequest.php                                     |     4 +-
 app/Http/Requests/Auth/PasswordRemindRequest.php                            |     4 +-
 app/Http/Requests/Auth/PasswordResetRequest.php                             |     4 +-
 app/Http/Requests/Auth/RegisterRequest.php                                  |     6 +-
 app/Http/Requests/Auth/Social/ApiAuthenticateRequest.php                    |     4 +-
 app/Http/Requests/Auth/Social/SaveEmailRequest.php                          |     4 +-
 app/Http/Requests/Permission/BasePermissionRequest.php                      |     2 +-
 app/Http/Requests/Permission/CreatePermissionRequest.php                    |     4 +-
 app/Http/Requests/Permission/RemovePermissionRequest.php                    |     4 +-
 app/Http/Requests/Permission/UpdatePermissionRequest.php                    |     4 +-
 app/Http/Requests/Request.php                                               |     2 +-
 app/Http/Requests/Role/CreateRoleRequest.php                                |     4 +-
 app/Http/Requests/Role/RemoveRoleRequest.php                                |     4 +-
 app/Http/Requests/Role/UpdateRolePermissionsRequest.php                     |     6 +-
 app/Http/Requests/Role/UpdateRoleRequest.php                                |     4 +-
 app/Http/Requests/TwoFactor/DisableTwoFactorRequest.php                     |     2 +-
 app/Http/Requests/TwoFactor/EnableTwoFactorRequest.php                      |     2 +-
 app/Http/Requests/TwoFactor/ReSendTwoFactorTokenRequest.php                 |     2 +-
 app/Http/Requests/TwoFactor/TwoFactorLoginRequest.php                       |     4 +-
 app/Http/Requests/TwoFactor/TwoFactorRequest.php                            |     8 +-
 app/Http/Requests/TwoFactor/VerifyTwoFactorTokenRequest.php                 |     2 +-
 app/Http/Requests/User/CreateUserRequest.php                                |     4 +-
 app/Http/Requests/User/UpdateDetailsRequest.php                             |     4 +-
 app/Http/Requests/User/UpdateLoginDetailsRequest.php                        |     6 +-
 app/Http/Requests/User/UpdateProfileDetailsRequest.php                      |     4 +-
 app/Http/Requests/User/UpdateProfileLoginDetailsRequest.php                 |     4 +-
 app/Http/Requests/User/UpdateUserRequest.php                                |     6 +-
 app/Http/Requests/User/UploadAvatarRawRequest.php                           |     4 +-
 app/Http/Resources/CountryResource.php                                      |     2 +-
 app/Http/Resources/PermissionResource.php                                   |     2 +-
 app/Http/Resources/RoleResource.php                                         |     2 +-
 app/Http/Resources/SessionResource.php                                      |     2 +-
 app/Http/Resources/UserResource.php                                         |     2 +-
 app/Listeners/Approve/SendApprovedNotification.php                          |     4 +-
 app/Listeners/Approve/SendWaitingApprovalNotification.php                   |     6 +-
 app/Listeners/Login/UpdateLastLoginTimestamp.php                            |     6 +-
 app/Listeners/Registration/SendSignUpNotification.php                       |    10 +-
 app/Listeners/Users/ActivateUser.php                                        |     6 +-
 app/Listeners/Users/InvalidateSessions.php                                  |     6 +-
 app/Mail/ResetPassword.php                                                  |     2 +-
 app/Mail/UserApproved.php                                                   |     2 +-
 app/Mail/UserRegistered.php                                                 |     4 +-
 app/Mail/WaitingApproval.php                                                |     4 +-
 app/{ => Models}/Country.php                                                |     2 +-
 app/{ => Models}/Permission.php                                             |     2 +-
 app/{ => Models}/Role.php                                                   |     4 +-
 app/{ => Models}/User.php                                                   |    14 +-
 app/Presenters/Presenter.php                                                |     2 +-
 app/Presenters/Traits/Presentable.php                                       |     4 +-
 app/Presenters/UserPresenter.php                                            |     4 +-
 app/Providers/AppServiceProvider.php                                        |    60 +-
 app/Providers/AuthServiceProvider.php                                       |     6 +-
 app/Providers/BroadcastServiceProvider.php                                  |    34 -
 app/Providers/EventServiceProvider.php                                      |    63 -
 app/Providers/FortifyServiceProvider.php                                    |     2 +-
 app/Providers/RouteServiceProvider.php                                      |   114 -
 app/Providers/VanguardServiceProvider.php                                   |    26 +-
 app/Repositories/Country/CountryRepository.php                              |     4 +-
 app/Repositories/Country/EloquentCountry.php                                |     4 +-
 app/Repositories/Permission/EloquentPermission.php                          |    10 +-
 app/Repositories/Permission/PermissionRepository.php                        |     4 +-
 app/Repositories/Role/EloquentRole.php                                      |    10 +-
 app/Repositories/Role/RoleRepository.php                                    |     4 +-
 app/Repositories/Session/DbSession.php                                      |     4 +-
 app/Repositories/Session/SessionRepository.php                              |     2 +-
 app/Repositories/User/EloquentUser.php                                      |    16 +-
 app/Repositories/User/UserRepository.php                                    |     6 +-
 app/Rules/ValidPermissionName.php                                           |     2 +-
 app/Services/Auth/Social/ManagesSocialAvatarSize.php                        |     2 +-
 app/Services/Auth/Social/SocialManager.php                                  |    12 +-
 app/Services/Auth/ThrottlesLogins.php                                       |     2 +-
 app/Services/Auth/TwoFactor/Authenticatable.php                             |     2 +-
 app/Services/Auth/TwoFactor/Contracts/Authenticatable.php                   |     2 +-
 app/Services/Auth/TwoFactor/Contracts/Provider.php                          |     4 +-
 app/Services/Auth/TwoFactor/Facade.php                                      |     2 +-
 app/Services/Upload/UserAvatarManager.php                                   |    10 +-
 app/Support/Authorization/AuthorizationRoleTrait.php                        |     4 +-
 app/Support/Authorization/AuthorizationUserTrait.php                        |     4 +-
 app/Support/Authorization/PasswordChangeManager.php                         |     2 +-
 app/Support/CanImpersonateUsers.php                                         |     4 +-
 app/Support/Enum/UserStatus.php                                             |     2 +-
 app/Support/Locale.php                                                      |     2 +-
 app/Support/Plugins/Dashboard/Dashboard.php                                 |     4 +-
 app/Support/Plugins/Dashboard/Widgets/BannedUsers.php                       |     6 +-
 app/Support/Plugins/Dashboard/Widgets/LatestRegistrations.php               |     4 +-
 app/Support/Plugins/Dashboard/Widgets/NewUsers.php                          |     4 +-
 app/Support/Plugins/Dashboard/Widgets/RegistrationHistory.php               |     4 +-
 app/Support/Plugins/Dashboard/Widgets/TotalUsers.php                        |     4 +-
 app/Support/Plugins/Dashboard/Widgets/UnconfirmedUsers.php                  |     6 +-
 app/Support/Plugins/Dashboard/Widgets/UserActions.php                       |     4 +-
 app/Support/Plugins/Dashboard/Widgets/UsersAwaitingApproval.php             |     6 +-
 app/Support/Plugins/RolesAndPermissions.php                                 |     4 +-
 app/Support/Plugins/Settings.php                                            |     6 +-
 app/Support/Plugins/Users.php                                               |     4 +-
 app/Support/Sidebar/Item.php                                                |     4 +-
 app/View/Components/Logo.php                                                |     2 +-
 bootstrap/app.php                                                           |   106 +-
 bootstrap/providers.php                                                     |     8 +
 composer.json                                                               |    59 +-
 composer.lock                                                               |  2289 ++++++++++-------
 config/app.php                                                              |    88 +-
 config/auth.php                                                             |     8 +-
 config/broadcasting.php                                                     |    67 -
 config/cache.php                                                            |    36 +-
 config/cors.php                                                             |    34 -
 config/database.php                                                         |    31 +-
 config/filesystems.php                                                      |    16 +-
 config/hashing.php                                                          |    52 -
 config/logging.php                                                          |    51 +-
 config/mail.php                                                             |    51 +-
 config/queue.php                                                            |    39 +-
 config/sanctum.php                                                          |    23 +-
 config/services.php                                                         |     2 +-
 config/session.php                                                          |    86 +-
 config/view.php                                                             |    36 -
 database/factories/CountryFactory.php                                       |     2 +-
 database/factories/PermissionFactory.php                                    |     2 +-
 database/factories/RoleFactory.php                                          |     2 +-
 database/factories/UserFactory.php                                          |     8 +-
 database/seeders/PermissionsSeeder.php                                      |     4 +-
 database/seeders/RolesSeeder.php                                            |     2 +-
 database/seeders/UserSeeder.php                                             |     6 +-
 resources/views/auth/login.blade.php                                        |     2 +-
 resources/views/auth/passwords/email.blade.php                              |     2 +-
 resources/views/auth/passwords/reset.blade.php                              |     2 +-
 resources/views/auth/register.blade.php                                     |     2 +-
 resources/views/partials/locale-dropdown.blade.php                          |     2 +-
 resources/views/permission/add-edit.blade.php                               |     4 +-
 resources/views/plugins/dashboard/widgets/users-awaiting-approval.blade.php |     2 +-
 resources/views/role/add-edit.blade.php                                     |     4 +-
 resources/views/user/add.blade.php                                          |     2 +-
 resources/views/user/edit.blade.php                                         |     6 +-
 resources/views/user/partials/details.blade.php                             |     4 +-
 resources/views/user/profile.blade.php                                      |     8 +-
 routes/api.php                                                              |    99 +-
 routes/web.php                                                              |   164 +-
 tests/Feature/Api/Auth/AuthControllerTest.php                               |    36 +-
 tests/Feature/Api/Auth/Password/RemindControllerTest.php                    |    12 +-
 tests/Feature/Api/Auth/Password/ResetControllerTest.php                     |    14 +-
 tests/Feature/Api/Auth/RegistrationControllerTest.php                       |    18 +-
 tests/Feature/Api/Auth/SocialLoginControllerTest.php                        |    26 +-
 tests/Feature/Api/Authorization/PermissionsControllerTest.php               |    46 +-
 tests/Feature/Api/Authorization/RolePermissionsControllerTest.php           |    24 +-
 tests/Feature/Api/Authorization/RolesControllerTest.php                     |    46 +-
 tests/Feature/Api/CountriesControllerTest.php                               |    12 +-
 tests/Feature/Api/Profile/AuthDetailsControllerTest.php                     |    24 +-
 tests/Feature/Api/Profile/AvatarControllerTest.php                          |    24 +-
 tests/Feature/Api/Profile/DetailsControllerTest.php                         |    30 +-
 tests/Feature/Api/Profile/SessionsControllerTest.php                        |    18 +-
 tests/Feature/Api/Profile/TwoFactorControllerTest.php                       |    34 +-
 tests/Feature/Api/SessionsControllerTest.php                                |    30 +-
 tests/Feature/Api/SettingsControllerTest.php                                |    14 +-
 tests/Feature/Api/StatsControllerTest.php                                   |    22 +-
 tests/Feature/Api/Users/AvatarControllerTest.php                            |    32 +-
 tests/Feature/Api/Users/SessionsControllerTest.php                          |    18 +-
 tests/Feature/Api/Users/TwoFactorControllerTest.php                         |    40 +-
 tests/Feature/Api/Users/UsersControllerTest.php                             |    66 +-
 tests/Feature/ApiTestCase.php                                               |     2 +-
 tests/Feature/Web/ImpersonateUsersTest.php                                  |    26 +-
 tests/Feature/Web/LoginTest.php                                             |    56 +-
 tests/Feature/Web/PermissionsTest.php                                       |    76 +-
 tests/Feature/Web/RegistrationTest.php                                      |    40 +-
 tests/Feature/Web/RolesTest.php                                             |    50 +-
 tests/Feature/Web/Settings/ApprovalSettingsTest.php                         |     8 +-
 tests/Feature/Web/Settings/AuthSettingsTest.php                             |     8 +-
 tests/Feature/Web/Settings/CaptchaSettingsTest.php                          |     8 +-
 tests/Feature/Web/Settings/GeneralSettingsTest.php                          |     8 +-
 tests/Feature/Web/Settings/TwoFactorSettingsTest.php                        |     8 +-
 tests/Feature/Web/SettingsTest.php                                          |    16 +-
 tests/Feature/Web/SocialAuthenticationTest.php                              |    28 +-
 tests/Feature/Web/TwoFactorAuthTest.php                                     |    56 +-
 tests/Feature/Web/UpdateProfileTest.php                                     |    48 +-
 tests/Feature/Web/UsersTest.php                                             |   156 +-
 tests/Setup/RoleFactory.php                                                 |     4 +-
 tests/Setup/UserFactory.php                                                 |     6 +-
 tests/Unit/Presenters/UserPresenterTest.php                                 |    32 +-
 tests/Unit/Repositories/Country/EloquentCountryTest.php                     |     8 +-
 tests/Unit/Repositories/Permission/EloquentPermissionTest.php               |    30 +-
 tests/Unit/Repositories/Role/EloquentRoleTest.php                           |    37 +-
 tests/Unit/Repositories/Session/DbSessionTest.php                           |    20 +-
 tests/Unit/Repositories/User/EloquentUserTest.php                           |    96 +-
 283 files changed, 10865 insertions(+), 10867 deletions(-)

To 9.1.0 from 9.0.0

Two new features added!

We've added support for "Pending" users, meaning that, if the feature is enabled, users will have to be approved by an admin to be able to log in to Vanguard. After a user is approved by the admin, they'll get an email notification that their account is approved and that he is able to log in.

Another new feature is the ability to force a password reset on the next login. When this feature is enabled, all users created by the admin will be requested to reset their password on their next login. Admins can also request a password reset for any user who's currently in the system.

The list of changed files is available below:

 app/Events/User/Approved.php                                                |   17 +
 app/Http/Controllers/Api/Auth/AuthController.php                            |    4 +
 app/Http/Controllers/Api/Auth/RegistrationController.php                    |    2 +-
 app/Http/Controllers/Api/Auth/SocialLoginController.php                     |    4 +
 app/Http/Controllers/Api/Users/UsersController.php                          |    2 +-
 app/Http/Controllers/Web/Auth/LoginController.php                           |   16 +-
 app/Http/Controllers/Web/Auth/RegisterController.php                        |    9 +-
 app/Http/Controllers/Web/Auth/SocialAuthController.php                      |   20 +-
 app/Http/Controllers/Web/Profile/LoginDetailsController.php                 |    7 +-
 app/Http/Controllers/Web/SettingsController.php                             |   29 ++
 app/Http/Controllers/Web/Users/DetailsController.php                        |   27 ++
 app/Http/Controllers/Web/Users/LoginDetailsController.php                   |    1 +
 app/Http/Controllers/Web/Users/UsersController.php                          |    2 +
 app/Http/Kernel.php                                                         |    2 +
 app/Http/Middleware/EnsureUserIsApproved.php                                |   27 ++
 app/Http/Middleware/ForcePasswordChange.php                                 |   34 ++
 app/Http/Requests/Auth/RegisterRequest.php                                  |   11 +-
 app/Listeners/Approve/SendApprovedNotification.php                          |   22 ++
 app/Listeners/Approve/SendWaitingApprovalNotification.php                   |   26 ++
 app/Listeners/Users/ActivateUser.php                                        |    2 +-
 app/Mail/UserApproved.php                                                   |   24 ++
 app/Mail/WaitingApproval.php                                                |   25 ++
 app/Providers/EventServiceProvider.php                                      |    7 +
 app/Providers/VanguardServiceProvider.php                                   |    2 +
 app/Services/Auth/Social/SocialManager.php                                  |    2 +-
 app/Support/Authorization/PasswordChangeManager.php                         |   44 +++
 app/Support/Enum/UserStatus.php                                             |    9 +-
 app/Support/Plugins/Dashboard/Widgets/UsersAwaitingApproval.php             |   42 ++
 app/User.php                                                                |    7 +-
 composer.json                                                               |    2 +-
 composer.lock                                                               | 2440 +-
 database/migrations/2024_07_24_113901_add_force_password_change_column.php  |   29 ++
 public/assets/css/app.css                                                   |    2 +-
 public/assets/js/delete.handler.js                                          |    2 +-
 public/assets/js/vendor.js                                                  |    2 +-
 public/mix-manifest.json                                                    |    6 +-
 resources/lang/de.json                                                      |   20 +-
 resources/lang/de/app.php                                                   |    1 +
 resources/lang/de/auth.php                                                  |    1 +
 resources/lang/en/app.php                                                   |    1 +
 resources/lang/en/auth.php                                                  |    1 +
 resources/lang/sr.json                                                      |   20 +-
 resources/lang/sr/app.php                                                   |    1 +
 resources/lang/sr/auth.php                                                  |    1 +
 resources/views/auth/approval.blade.php                                     |   17 +
 resources/views/auth/social/buttons.blade.php                               |    8 +-
 resources/views/mail/user-approved.blade.php                                |   12 +
 resources/views/mail/waiting-approval.blade.php                             |   18 +
 resources/views/plugins/dashboard/widgets/users-awaiting-approval.blade.php |    8 +
 resources/views/settings/auth.blade.php                                     |    4 +-
 resources/views/settings/partials/confirm-flow.blade.php                    |   31 ++
 resources/views/settings/partials/password-change.blade.php                 |   31 ++
 resources/views/user/add.blade.php                                          |    2 +-
 resources/views/user/edit.blade.php                                         |   19 +-
 resources/views/user/list.blade.php                                         |    2 +-
 resources/views/user/partials/auth.blade.php                                |   20 +-
 resources/views/user/partials/details.blade.php                             |    2 +-
 resources/views/user/partials/row.blade.php                                 |   22 +-
 resources/views/user/profile.blade.php                                      |   17 +-
 routes/api.php                                                              |    2 +-
 routes/web.php                                                              |   24 +-
 storage/settings.json                                                       |    2 +-
 tests/Feature/Web/LoginTest.php                                             |   36 ++
 tests/Feature/Web/RegistrationTest.php                                      |   45 +++
 tests/Feature/Web/Settings/ApprovalSettingsTest.php                         |   49 +++
 65 files changed, 2016 insertions(+), 1310 deletions(-)

To 9.0.0 from 8.1.1

Laravel 11 and Two Factor update.

We've updated Vanguard to the most recent version of Laravel in this version. That means that the Laravel version in the composer.json file has been updated along with versions for some third-party packages, so the first thing to do is to make sure that you update that one as well.

A second big change is that we've removed the laravelcollective/html package which means that the majority of blade files have been updated since it changed the way how we rendered the forms, form inputs, style, and script tags. 

The third important update is that we've replaced Authy two-factor authentication with a QR code one, so Authy-related classes and methods are no longer part of the project. If you are already using Authy for 2FA, there is no need to change anything or remove those files. If you are not using it, feel free to remove the files and add the newly added files for the new 2FA implementation.

The logo file has been renamed and we've introduced a new logo blade component. The purpose of this is to make logo customization much easier and to keep everything in one place.

The list of changed files is available below:

 app/Http/Controllers/Api/Profile/TwoFactorController.php                         |   57 +--
 app/Http/Controllers/Api/Users/TwoFactorController.php                           |   41 +-
 app/Http/Controllers/Web/Auth/LoginController.php                                |    7 +-
 app/Http/Controllers/Web/Auth/SocialAuthController.php                           |    3 +-
 app/Http/Controllers/Web/Auth/TwoFactorTokenController.php                       |   13 +-
 app/Http/Controllers/Web/InstallController.php                                   |    2 +-
 app/Http/Controllers/Web/Profile/AvatarController.php                            |    2 +-
 app/Http/Controllers/Web/Profile/ProfileController.php                           |    2 +-
 app/Http/Controllers/Web/TwoFactorController.php                                 |   70 +--
 app/Http/Kernel.php                                                              |    2 +-
 app/Http/Middleware/{VerifyTwoFactorPhone.php => VerifyTwoFactorCode.php}        |    4 +-
 app/Http/Requests/TwoFactor/EnableTwoFactorRequest.php                           |    5 +-
 app/Http/Requests/TwoFactor/TwoFactorLoginRequest.php                            |   61 +++
 app/Http/Requests/TwoFactor/VerifyTwoFactorTokenRequest.php                      |    2 +-
 app/Providers/FortifyServiceProvider.php                                         |   24 +
 app/Providers/HtmlServiceProvider.php                                            |   34 --
 app/Repositories/Role/EloquentRole.php                                           |    2 +-
 app/Repositories/Role/RoleRepository.php                                         |    2 +-
 app/Services/Auth/TwoFactor/Authy.php                                            |   95 ----
 app/Services/Auth/TwoFactor/AuthyServiceProvider.php                             |   21 -
 app/User.php                                                                     |   15 +-
 app/View/Components/Logo.php                                                     |   40 ++
 composer.json                                                                    |   24 +-
 config/app.php                                                                   |   14 +-
 config/cache.php                                                                 |    3 +
 config/database.php                                                              |   25 +-
 config/filesystems.php                                                           |    5 +
 config/fortify.php                                                               |  159 ++++++
 config/mail.php                                                                  |   17 +-
 config/queue.php                                                                 |   17 +
 config/services.php                                                              |   11 +
 config/session.php                                                               |   14 +-
 database/migrations/2024_07_10_131649_add_two_factor_columns_to_users_table.php  |   46 ++
 public/assets/img/{vanguard-logo-no-text.png => logo-no-text.png}                |  Bin
 public/assets/img/{vanguard-logo.png => logo.png}                                |  Bin
 resources/lang/de.json                                                           |   10 +-
 resources/lang/sr.json                                                           |   12 +-
 resources/views/auth/login.blade.php                                             |    4 +-
 resources/views/auth/passwords/email.blade.php                                   |    2 +-
 resources/views/auth/passwords/reset.blade.php                                   |    2 +-
 resources/views/auth/register.blade.php                                          |    2 +-
 resources/views/auth/token.blade.php                                             |    8 +-
 resources/views/components/logo.blade.php                                        |    4 +
 resources/views/install/database.blade.php                                       |    7 +-
 resources/views/install/installation.blade.php                                   |    7 +-
 resources/views/layouts/auth.blade.php                                           |   10 +-
 resources/views/layouts/install.blade.php                                        |    8 +-
 resources/views/partials/navbar.blade.php                                        |    4 +-
 resources/views/permission/add-edit.blade.php                                    |    8 +-
 resources/views/permission/index.blade.php                                       |   25 +-
 resources/views/plugins/dashboard/widgets/registration-history-scripts.blade.php |    5 +-
 resources/views/role/add-edit.blade.php                                          |    7 +-
 resources/views/settings/general.blade.php                                       |    5 +-
 resources/views/settings/notifications.blade.php                                 |    5 +-
 resources/views/settings/partials/auth.blade.php                                 |   12 +-
 resources/views/settings/partials/recaptcha.blade.php                            |   22 +-
 resources/views/settings/partials/registration.blade.php                         |   22 +-
 resources/views/settings/partials/throttling.blade.php                           |   13 +-
 resources/views/settings/partials/two-factor.blade.php                           |   23 +-
 resources/views/user/add.blade.php                                               |    9 +-
 resources/views/user/edit.blade.php                                              |   24 +-
 resources/views/user/list.blade.php                                              |   15 +-
 resources/views/user/partials/details.blade.php                                  |   30 +-
 resources/views/user/partials/two-factor.blade.php                               |  101 ++--
 resources/views/user/profile.blade.php                                           |   27 +-
 resources/views/user/two-factor-verification.blade.php                           |   11 +-
 resources/views/vendor/mail/html/message.blade.php                               |    2 +-
 resources/views/vendor/notifications/email.blade.php                             |    2 +-
 routes/web.php                                                                   |   22 +-
 storage/settings.json                                                            |    2 +-
 tests/Feature/Api/Profile/TwoFactorControllerTest.php                            |   94 ++--
 tests/Feature/Api/Users/TwoFactorControllerTest.php                              |   85 ++--
 tests/Feature/Web/LoginTest.php                                                  |   48 +-
 tests/Feature/Web/TwoFactorAuthTest.php                                          |  333 +++----------
 tests/Setup/UserFactory.php                                                      |    8 -
 tests/Unit/Repositories/Role/EloquentRoleTest.php                                |    2 +-

To 8.1.1 from 8.1.0

This version contains just a fix in the installation wizard. If you are already using Vanguard, there is no need to update any of the files. 

If you are installing it from scratch, just download the latest version from CodeCanyon and you should be good to go.

The list of changed files is available below:

app/Http/Middleware/VerifyInstallation.php
app/Http/Controllers/Web/InstallController.php
config/app.php // just a version update

To 8.1.0 from 8.0.0

This upgrade brings a couple of new features and fixes some small bugs. 

This version also comes with Larvel Pint so there are a lot of changed files, however, the majority of the changes are caused by Pint or by some cleanup that we performed manually, so you don't have to update them if you don't want to.

Below is the list of new files that you should copy to the appropriate directories:

app/Http/Middleware/SetLocale.php
app/Support/Locale.php
public/flags/RS.png
resources/views/partials/locale-dropdown.blade.php

Below is the list of updated files that you should check since they either contain some new code or are affected by the refactoring. Please check files one by one instead of just overwriting them since this upgrade brings some things like function return types and so on, so if you overwrite the file things might stop working.

app/Http/Controllers/Api/Auth/AuthController.php
app/Http/Controllers/Api/Auth/RegistrationController.php
app/Http/Controllers/Api/Authorization/RolesController.php
app/Http/Controllers/Api/Profile/TwoFactorController.php
app/Http/Controllers/Api/Users/TwoFactorController.php
app/Http/Controllers/Web/Auth/ForgotPasswordController.php
app/Http/Controllers/Web/Auth/LoginController.php
app/Http/Controllers/Web/Auth/RegisterController.php
app/Http/Controllers/Web/Auth/TwoFactorTokenController.php
app/Http/Controllers/Web/Authorization/RolesController.php
app/Http/Controllers/Web/TwoFactorController.php
app/Http/Controllers/Web/Users/DetailsController.php
app/Http/Kernel.php
app/Http/Resources/UserResource.php
app/Listeners/Registration/SendSignUpNotification.php
app/Providers/HtmlServiceProvider.php
app/Repositories/Session/DbSession.php
app/Repositories/User/UserRepository.php
app/Repositories/User/EloquentUser.php
app/Role.php
app/Rules/ValidPermissionName.php
app/Services/Auth/Social/SocialManager.php
app/Support/Enum/UserStatus.php
app/User.php
config/app.php
resources/lang/en/auth.php
resources/lang/en/passwords.php
resources/views/layouts/auth.blade.php
resources/views/partials/navbar.blade.php
resources/views/settings/partials/auth.blade.php
resources/views/user/partials/details.blade.php
resources/views/user/partials/row.blade.php

To 8.0.0 from 7.0.0

Laravel 10 upgrade.

There is a new migration file added for Laravel sanctum named 2023_03_16_151533_add_expires_at_to_personal_access_tokens_table.php, so make sure that you add that migration file to your project and run the `php artisan migrate` command.

If you've changed the applications public directory as it's explained here, make sure that you replace 

$app->instance('path.public', __DIR__);

with

$app->usePublicPath(__DIR__);

The list of modified and removed files is available below. It's highly recommended to check each file and update it if necessary. Some files just contain cosmetic changes, so you don't have to update those files if you don't want to.

 .editorconfig                                                                            |    11 +-
 .gitattributes                                                                           |    15 +-
 .gitignore                                                                               |     6 +
 .styleci.yml                                                                             |     9 +
 app/Http/Controllers/Web/InstallController.php                                           |    35 +-
 app/Support/Plugins/Settings.php                                                         |     7 +-
 app/User.php                                                                             |     5 +-
 composer.json                                                                            |    27 +-
 composer.lock                                                                            |  3515 ++++++-------
 config/app.php                                                                           |    66 +-
 config/broadcasting.php                                                                  |    17 +-
 config/cache.php                                                                         |    12 +-
 config/database.php                                                                      |    16 +-
 config/filesystems.php                                                                   |    15 +
 config/hashing.php                                                                       |     6 +-
 config/logging.php                                                                       |    59 +-
 config/mail.php                                                                          |    15 +-
 config/queue.php                                                                         |     9 +-
 config/sanctum.php                                                                       |    27 +-
 config/session.php                                                                       |     7 +-
 database/migrations/2023_03_16_151533_add_expires_at_to_personal_access_tokens_table.php |    29 +
 package-lock.json                                                                        |  9557 ++++++++++++++++++++++++++++++++++-
 package.json                                                                             |     9 +-
 phpunit.xml                                                                              |     2 +-
 public/assets/css/app.css                                                                |    11 +-
 public/assets/css/vendor.css                                                             |     2 +-
 public/assets/js/vendor.js                                                               |     2 +-
 public/mix-manifest.json                                                                 |     2 +-
 storage/settings.json                                                                    |     2 +-
 tests/Feature/Api/Profile/TwoFactorControllerTest.php                                    |    13 +-
 tests/Feature/Api/Users/AvatarControllerTest.php                                         |    13 +-
 tests/Feature/Api/Users/TwoFactorControllerTest.php                                      |    12 +-
 tests/Feature/Api/Users/UsersControllerTest.php                                          |    13 +-
 tests/Feature/Web/LoginTest.php                                                          |     7 +-
 tests/Feature/Web/PermissionsTest.php                                                    |    36 +-
 tests/Feature/Web/TwoFactorAuthTest.php                                                  |    25 +-
 tests/Feature/Web/UpdateProfileTest.php                                                  |    26 +-
 tests/Feature/Web/UsersTest.php                                                          |     7 +-
 tests/Unit/Presenters/UserPresenterTest.php                                              |     3 +-
 tests/Unit/Repositories/Permission/EloquentPermissionTest.php                            |    24 +-
 tests/Unit/Repositories/Role/EloquentRoleTest.php                                        |    19 +-

To 7.0.0 from 6.1.0

Added support for PHP 8.1 and upgraded to Laravel 9.

The list of modified and removed files is available below. It's highly recommended to check each file and update it if necessary. Some files just contain cosmetic changes, so you don't have to update those files if you don't want to.

 .env.example                                                         |    2 +-
 app/Console/Kernel.php                                               |   12 +-
 app/Exceptions/Handler.php                                           |   24 +-
 app/Http/Controllers/Api/Auth/RegistrationController.php             |   19 +-
 app/Http/Controllers/Api/Auth/SocialLoginController.php              |   18 +-
 app/Http/Controllers/Api/Authorization/PermissionsController.php     |    8 +-
 app/Http/Controllers/Api/Authorization/RolePermissionsController.php |    8 +-
 app/Http/Controllers/Api/Authorization/RolesController.php           |    8 +-
 app/Http/Controllers/Api/Profile/AvatarController.php                |   14 +-
 app/Http/Controllers/Api/SessionsController.php                      |    8 +-
 app/Http/Controllers/Api/StatsController.php                         |    9 +-
 app/Http/Controllers/Api/Users/AvatarController.php                  |   15 +-
 app/Http/Controllers/Api/Users/UsersController.php                   |    9 +-
 app/Http/Controllers/Web/Auth/LoginController.php                    |   13 +-
 app/Http/Controllers/Web/Auth/RegisterController.php                 |   13 +-
 app/Http/Controllers/Web/Auth/SocialAuthController.php               |   15 +-
 app/Http/Controllers/Web/Auth/TwoFactorTokenController.php           |   12 +-
 app/Http/Controllers/Web/Authorization/PermissionsController.php     |   18 +-
 app/Http/Controllers/Web/Authorization/RolePermissionsController.php |   12 +-
 app/Http/Controllers/Web/Authorization/RolesController.php           |   12 +-
 app/Http/Controllers/Web/InstallController.php                       |    2 +-
 app/Http/Controllers/Web/Profile/AvatarController.php                |   12 +-
 app/Http/Controllers/Web/Profile/DetailsController.php               |   12 +-
 app/Http/Controllers/Web/Profile/LoginDetailsController.php          |   12 +-
 app/Http/Controllers/Web/Profile/ProfileController.php               |   27 +-
 app/Http/Controllers/Web/Profile/SessionsController.php              |   11 +-
 app/Http/Controllers/Web/Users/AvatarController.php                  |   14 +-
 app/Http/Controllers/Web/Users/DetailsController.php                 |   12 +-
 app/Http/Controllers/Web/Users/LoginDetailsController.php            |   12 +-
 app/Http/Controllers/Web/Users/SessionsController.php                |   13 +-
 app/Http/Controllers/Web/Users/UsersController.php                   |   12 +-
 app/Http/Kernel.php                                                  |   14 +-
 app/Http/Middleware/Authenticate.php                                 |   16 +-
 app/Http/Middleware/CheckPermissions.php                             |    9 +-
 app/Http/Middleware/CheckRole.php                                    |    9 +-
 app/Http/Middleware/EncryptCookies.php                               |    6 +-
 app/Http/Middleware/PreventRequestsDuringMaintenance.php             |   17 +
 app/Http/Middleware/RedirectIfAuthenticated.php                      |   41 +-
 app/Http/Middleware/TrimStrings.php                                  |    3 +-
 app/Http/Middleware/TrustHosts.php                                   |   20 +
 app/Http/Middleware/TrustProxies.php                                 |   15 +-
 app/Http/Middleware/UseApiGuard.php                                  |   15 +-
 app/Http/Middleware/VerifyCsrfToken.php                              |    2 +-
 app/Http/Middleware/VerifyInstallation.php                           |    4 +
 app/Listeners/Login/UpdateLastLoginTimestamp.php                     |   13 +-
 app/Listeners/Registration/SendSignUpNotification.php                |    8 +-
 app/Listeners/Users/ActivateUser.php                                 |    8 +-
 app/Listeners/Users/InvalidateSessions.php                           |    8 +-
 app/Mail/UserRegistered.php                                          |   13 +-
 app/Presenters/Presenter.php                                         |   11 +-
 app/Providers/EventServiceProvider.php                               |   21 +-
 app/Providers/RouteServiceProvider.php                               |   15 +-
 app/Services/Auth/Social/SocialManager.php                           |   20 +-
 app/Support/Sidebar/Item.php                                         |    2 +-
 composer.json                                                        |   36 +-
 config/app.php                                                       |    2 +-
 tests/Feature/Web/SocialAuthenticationTest.php                       |    3 +-

To 6.1.0 from 6.0.0

Added support for PHP 8 and fixed a few minor issues.

The list of modified and removed files is available below:

 app/Http/Controllers/Web/Auth/SocialAuthController.php |     2 +
 app/Http/Controllers/Web/Users/SessionsController.php  |     2 +-
 app/Http/Middleware/RedirectIfAuthenticated.php        |     4 +-
 app/Providers/AppServiceProvider.php                   |     2 +
 composer.json                                          |    26 +-
 config/app.php                                         |     2 +-
 package.json                                           |    39 +-
 public/assets/css/app.css                              |     2 +-
 public/assets/js/vendor.js                             |     2 +-
 public/mix-manifest.json                               |     4 +-
 resources/js/app.js                                    |    21 -
 resources/js/bootstrap.js                              |    34 +-
 resources/js/components/Example.vue                    |    23 -
 resources/lang/de.json                                 |     2 +-
 resources/lang/sr.json                                 |     2 +-
 resources/sass/components/switch.scss                  |     4 +-

To 6.0.0 from 5.0.1

Upgraded to Laravel 8 and fixed a few minor issues.

The list of modified and removed files is available below (test files are omitted for readability):

 app/Country.php                                                   |    3 +
 app/Http/Controllers/Api/Auth/RegistrationController.php          |    2 +-
 app/Http/Controllers/Web/Users/AvatarController.php               |    2 +-
 app/Permission.php                                                |    3 +
 app/Providers/AppServiceProvider.php                              |    5 +
 app/Role.php                                                      |   14 +-
 app/Services/Auth/Social/SocialManager.php                        |    3 +-
 app/Support/DataArraySerializer.php                               |  100 ----
 app/User.php                                                      |    4 +-
 composer.json                                                     |   50 +-
 config/app.php                                                    |    3 +-
 database/factories/CountryFactory.php                             |   40 +-
 database/factories/PermissionFactory.php                          |   36 +-
 database/factories/RoleFactory.php                                |   36 +-
 database/factories/TokenFactory.php                               |   16 -
 database/factories/UserFactory.php                                |   63 ++-
 database/migrations/2015_10_10_170827_create_users_table.php      |    2 +-
 database/{seeds => seeders}/.gitkeep                              |    0
 database/{seeds => seeders}/CountriesSeeder.php                   |    6 +-
 database/{seeds => seeders}/DatabaseSeeder.php                    |   10 +-
 database/{seeds => seeders}/PermissionsSeeder.php                 |    2 +
 database/{seeds => seeders}/RolesSeeder.php                       |    2 +
 database/{seeds => seeders}/UserSeeder.php                        |    2 +
 phpunit.xml                                                       |   66 ++-
 resources/views/user/edit.blade.php                               |    1 -
 routes/api.php                                                    |   11 +-
 routes/web.php                                                    |   12 +-

To 5.0.1 from 4.0.1

Bugfix release to fix the installation wizard. The only file that has been updated is 

app/Http/Controllers/Web/InstallController.php

To 5.0.0 from 4.0.1

Upgraded to Laravel 7 and fixed a few reported issues. API responses and authentication are completely changed in this version and Vanguard is now using Laravel's first-party packages for this.

The list of modified and removed files is available below (test files are omitted for readability):

 app/Exceptions/Handler.php                                                      |    22 +-
 app/Http/Controllers/Api/ApiController.php                                      |   122 +-
 app/Http/Controllers/Api/Auth/AuthController.php                                |    60 +-
 app/Http/Controllers/Api/Auth/Password/RemindController.php                     |    12 +-
 app/Http/Controllers/Api/Auth/Password/ResetController.php                      |    10 +-
 app/Http/Controllers/Api/Auth/RegistrationController.php                        |     4 +-
 app/Http/Controllers/Api/Auth/SocialLoginController.php                         |     6 +-
 app/Http/Controllers/Api/Auth/VerificationController.php                        |   104 +
 app/Http/Controllers/Api/Authorization/PermissionsController.php                |    35 +-
 app/Http/Controllers/Api/Authorization/RolePermissionsController.php            |    23 +-
 app/Http/Controllers/Api/Authorization/RolesController.php                      |    40 +-
 app/Http/Controllers/Api/CountriesController.php                                |    11 +-
 app/Http/Controllers/Api/Profile/AuthDetailsController.php                      |    15 +-
 app/Http/Controllers/Api/Profile/AvatarController.php                           |    23 +-
 app/Http/Controllers/Api/Profile/DetailsController.php                          |    19 +-
 app/Http/Controllers/Api/Profile/SessionsController.php                         |    10 +-
 app/Http/Controllers/Api/Profile/TwoFactorController.php                        |    16 +-
 app/Http/Controllers/Api/SessionsController.php                                 |    10 +-
 app/Http/Controllers/Api/SettingsController.php                                 |     2 -
 app/Http/Controllers/Api/StatsController.php                                    |    13 +-
 app/Http/Controllers/Api/Users/ActivityController.php                           |    49 -
 app/Http/Controllers/Api/Users/AvatarController.php                             |    16 +-
 app/Http/Controllers/Api/Users/SessionsController.php                           |    11 +-
 app/Http/Controllers/Api/Users/TwoFactorController.php                          |    13 +-
 app/Http/Controllers/Api/Users/UsersController.php                              |    59 +-
 app/Http/Controllers/Web/Auth/LoginController.php                               |     4 +-
 app/Http/Controllers/Web/InstallController.php                                  |    21 +-
 app/Http/Filters/UserKeywordSearch.php                                          |    19 +
 app/Http/Kernel.php                                                             |     9 +-
 app/Http/Middleware/Authenticate.php                                            |     8 +-
 app/Http/Middleware/CheckIfBanned.php                                           |    24 +
 app/Http/Middleware/UseApiGuard.php                                             |     3 +-
 app/Http/Requests/Auth/ApiLoginRequest.php                                      |    33 +
 app/Http/Requests/Auth/ApiVerifyEmailRequest.php                                |    21 +
 app/Http/Requests/Auth/Social/ApiAuthenticateRequest.php                        |     1 +
 app/Http/Requests/BinaryFileUploadRequest.php                                   |    76 -
 app/Http/Requests/User/UploadAvatarRawRequest.php                               |    11 +-
 app/Http/Resources/CountryResource.php                                          |    37 +
 app/Http/Resources/PermissionResource.php                                       |    27 +
 app/Http/Resources/RoleResource.php                                             |    38 +
 app/Http/Resources/SessionResource.php                                          |    28 +
 app/Http/Resources/UserResource.php                                             |    54 +
 app/Listeners/Users/{InvalidateSessionsAndTokens.php => InvalidateSessions.php} |     9 +-
 app/Providers/EventServiceProvider.php                                          |     4 +-
 app/Repositories/User/EloquentUser.php                                          |     8 +-
 app/Services/Auth/Api/ExtendsJwtValidation.php                                  |    69 -
 app/Services/Auth/Api/JWT.php                                                   |     8 -
 app/Services/Auth/Api/JWTAuth.php                                               |     8 -
 app/Services/Auth/Api/JWTServiceProvider.php                                    |    39 -
 app/Services/Auth/Api/Token.php                                                 |    12 -
 app/Services/Auth/Api/TokenFactory.php                                          |    82 -
 app/Transformers/CountryTransformer.php                                         |    32 -
 app/Transformers/PermissionTransformer.php                                      |    22 -
 app/Transformers/RoleTransformer.php                                            |    33 -
 app/Transformers/SessionTransformer.php                                         |    24 -
 app/Transformers/UserTransformer.php                                            |    54 -
 app/User.php                                                                    |    30 +-
 composer.json                                                                   |    33 +-
 composer.lock                                                                   |  3055 ++++++++++++++----------
 config/app.php                                                                  |     7 +-
 config/auth.php                                                                 |    22 +-
 config/cache.php                                                                |     1 +
 config/cors.php                                                                 |    34 +
 config/database.php                                                             |     7 +
 config/jwt.php                                                                  |   262 ---
 config/logging.php                                                              |    12 +-
 config/mail.php                                                                 |   139 +-
 config/queue.php                                                                |     1 +
 config/sanctum.php                                                              |    46 +
 config/services.php                                                             |     1 +
 config/session.php                                                              |     2 +-
 config/view.php                                                                 |     5 +-
 database/migrations/2015_10_10_171049_create_social_login_table.php             |     2 +-
 database/migrations/2015_12_29_224252_create_user_activity_table.php            |     2 +-
 database/migrations/2017_04_13_200254_create_api_tokens_table.php               |    51 -
 database/migrations/2019_12_14_000001_create_personal_access_tokens_table.php   |    36 +
 package.json                                                                    |    17 +-
 public/assets/css/app.css                                                       |     8 +-
 public/assets/css/vendor.css                                                    |     2 +-
 public/assets/js/vendor.js                                                      |    12 +-
 public/mix-manifest.json                                                        |     6 +-
 readme.md                                                                       |     2 +-
 resources/views/auth/login.blade.php                                            |     2 +-
 resources/views/user/profile.blade.php                                          |     1 -
 routes/api.php                                                                  |    89 +-

To 4.0.1 from 4.0.0

Fixed a few small bugs and slightly updated the registration flow. From this release on the `/Documentation/Patches` folder will be removed from the ZIP archive since Git patches are being detected as a virus by some anti-virus applications.

The list of modified files is available below

 app/Http/Controllers/Web/Auth/RegisterController.php           |  6 ++++--
 app/Http/Controllers/Web/DashboardController.php               |  6 +++++-
 app/Listeners/Users/ActivateUser.php                           | 33 +++++++++++++++++++++++++++++++++
 app/Providers/EventServiceProvider.php                         |  5 +++++
 app/User.php                                                   |  2 +-
 config/app.php                                                 |  2 +-
 config/filesystems.php                                         |  2 +-
 resources/lang/de.json                                         |  5 +++--
 resources/lang/sr.json                                         |  3 ++-
 resources/views/dashboard/{admin.blade.php => index.blade.php} |  1 +
 tests/Feature/Web/RegistrationTest.php                         |  4 ++--
 11 files changed, 58 insertions(+), 11 deletions(-)

To 4.0.0 from 3.2.1

Version 4 of Vanguard, which runs on Laravel 6, comes with a lot of improvements and, if you have any projects created using the previous versions of Vanguard, it's recommended to move all your modifications to a clean Vanguard 4 installation than to upgrade your existing Vanguard version.

The reason for this is because there are a lot of changed files between Vanguard 3.2.1 and Vanguard 4, and it can take pretty long to update all the files to their latest versions.

Anyways, if you decide to upgrade the Vanguard manually since there are a lot of the changes files, you will need to go through each file from the list of modified files available below and compare it with the one from version 4. It's highly recommended to check the Git patch file that contains all the differences between those two versions. The patch file is located inside the Documentation/Patches directory and you can use any text editor to open it (something like this Chrome plugin will also be a good option).

Modified files:

 .gitignore                                                                                                 |    1 +
 app/Events/User/Registered.php                                                                             |   30 -
 app/Events/User/ResetedPasswordViaEmail.php                                                                |   26 -
 app/Exceptions/Handler.php                                                                                 |    8 -
 app/Http/Controllers/Api/ActivityController.php                                                            |   39 -
 app/Http/Controllers/Api/Auth/AuthController.php                                                           |   10 +-
 app/Http/Controllers/Api/Auth/Password/RemindController.php                                                |    4 +-
 app/Http/Controllers/Api/Auth/Password/ResetController.php                                                 |   10 +-
 app/Http/Controllers/Api/Auth/RegistrationController.php                                                   |   19 +-
 app/Http/Controllers/Api/Auth/SocialLoginController.php                                                    |    2 +-
 app/Http/Controllers/Api/Profile/AvatarController.php                                                      |    1 -
 app/Http/Controllers/Api/SessionsController.php                                                            |    2 +
 app/Http/Controllers/Api/SettingsController.php                                                            |    4 +-
 app/Http/Controllers/Api/StatsController.php                                                               |   43 +-
 app/Http/Controllers/Api/Users/AvatarController.php                                                        |   30 +-
 app/Http/Controllers/Api/Users/UsersController.php                                                         |    7 +-
 app/Http/Controllers/Web/ActivityController.php                                                            |   68 --
 app/Http/Controllers/Web/Auth/AuthController.php                                                           |  374 -------
 app/Http/Controllers/Web/Auth/ForgotPasswordController.php                                                 |   45 +
 app/Http/Controllers/Web/Auth/LoginController.php                                                          |  150 +++
 app/Http/Controllers/Web/Auth/PasswordController.php                                                       |  113 --
 app/Http/Controllers/Web/Auth/RegisterController.php                                                       |   63 ++
 app/Http/Controllers/Web/Auth/ResetPasswordController.php                                                  |   61 +
 app/Http/Controllers/Web/Auth/SocialAuthController.php                                                     |   25 +-
 app/Http/Controllers/Web/Auth/TwoFactorTokenController.php                                                 |   75 ++
 app/Http/Controllers/Web/Auth/VerificationController.php                                                   |   41 +
 app/Http/Controllers/Web/{ => Authorization}/PermissionsController.php                                     |   74 +-
 app/Http/Controllers/Web/Authorization/RolePermissionsController.php                                       |   53 +
 app/Http/Controllers/Web/{ => Authorization}/RolesController.php                                           |   43 +-
 app/Http/Controllers/Web/DashboardController.php                                                           |   78 +-
 app/Http/Controllers/Web/InstallController.php                                                             |   14 +-
 app/Http/Controllers/Web/Profile/AvatarController.php                                                      |   85 ++
 app/Http/Controllers/Web/Profile/DetailsController.php                                                     |   45 +
 app/Http/Controllers/Web/Profile/LoginDetailsController.php                                                |   51 +
 app/Http/Controllers/Web/Profile/ProfileController.php                                                     |   64 ++
 app/Http/Controllers/Web/Profile/SessionsController.php                                                    |   52 +
 app/Http/Controllers/Web/ProfileController.php                                                             |  224 ----
 app/Http/Controllers/Web/SettingsController.php                                                            |   36 +-
 app/Http/Controllers/Web/TwoFactorController.php                                                           |   10 +-
 app/Http/Controllers/Web/Users/AvatarController.php                                                        |   83 ++
 app/Http/Controllers/Web/Users/DetailsController.php                                                       |   76 ++
 app/Http/Controllers/Web/Users/LoginDetailsController.php                                                  |   54 +
 app/Http/Controllers/Web/Users/SessionsController.php                                                      |   62 +
 app/Http/Controllers/Web/Users/UsersController.php                                                         |  163 +++
 app/Http/Controllers/Web/UsersController.php                                                               |  326 ------
 app/Http/Kernel.php                                                                                        |   34 +-
 app/Http/Middleware/EncryptCookies.php                                                                     |    2 +-
 app/Http/Middleware/{Registration.php => PasswordResetEnabled.php}                                         |    6 +-
 app/Http/Middleware/RegistrationEnabled.php                                                                |   25 +
 app/Http/Middleware/TwoFactorEnabled.php                                                                   |   25 +
 app/Http/Requests/Activity/GetActivitiesRequest.php                                                        |   28 -
 app/Http/Requests/Auth/PasswordResetRequest.php                                                            |   10 +
 app/Http/Requests/Auth/RegisterRequest.php                                                                 |   31 +-
 app/Http/Requests/Permission/BasePermissionRequest.php                                                     |    8 +-
 app/Http/Requests/Permission/CreatePermissionRequest.php                                                   |    9 +-
 app/Http/Requests/Permission/RemovePermissionRequest.php                                                   |    3 +
 app/Http/Requests/Permission/UpdatePermissionRequest.php                                                   |   11 +-
 app/Http/Requests/User/CreateUserRequest.php                                                               |    1 +
 app/Listeners/PermissionEventsSubscriber.php                                                               |   66 --
 app/Listeners/Registration/SendConfirmationEmail.php                                                       |   43 -
 app/Listeners/Registration/SendSignUpNotification.php                                                      |    8 +-
 app/Listeners/RoleEventsSubscriber.php                                                                     |   72 --
 app/Listeners/UserEventsSubscriber.php                                                                     |  204 ----
 app/Mail/ResetPassword.php                                                                                 |   37 +
 app/Mail/UserRegistered.php                                                                                |   41 +
 app/Notifications/EmailConfirmation.php                                                                    |   54 -
 app/Notifications/ResetPassword.php                                                                        |   53 -
 app/Notifications/UserRegistered.php                                                                       |   70 --
 app/Presenters/Presenter.php                                                                               |   46 +
 app/Presenters/Traits/Presentable.php                                                                      |   26 +
 app/Presenters/UserPresenter.php                                                                           |   25 +-
 app/Providers/AppServiceProvider.php                                                                       |    5 +-
 app/Providers/EventServiceProvider.php                                                                     |   13 +-
 app/Providers/VanguardServiceProvider.php                                                                  |   52 +
 app/Repositories/Activity/ActivityRepository.php                                                           |   59 -
 app/Repositories/Activity/EloquentActivity.php                                                             |   98 --
 app/Rules/ValidPermissionName.php                                                                          |   44 +
 app/Services/Auth/Api/TokenFactory.php                                                                     |    2 +
 app/Services/Auth/ThrottlesLogins.php                                                                      |   81 ++
 app/Services/Logging/UserActivity/Activity.php                                                             |   20 -
 app/Services/Logging/UserActivity/Logger.php                                                               |   86 --
 app/Services/Upload/UserAvatarManager.php                                                                  |   89 +-
 app/Support/Enum/UserStatus.php                                                                            |    6 +-
 app/Support/Plugins/Dashboard/Dashboard.php                                                                |   17 +
 app/Support/Plugins/Dashboard/Widgets/BannedUsers.php                                                      |   44 +
 app/Support/Plugins/Dashboard/Widgets/LatestRegistrations.php                                              |   43 +
 app/Support/Plugins/Dashboard/Widgets/NewUsers.php                                                         |   43 +
 app/Support/Plugins/Dashboard/Widgets/RegistrationHistory.php                                              |   71 ++
 app/Support/Plugins/Dashboard/Widgets/TotalUsers.php                                                       |   43 +
 app/Support/Plugins/Dashboard/Widgets/UnconfirmedUsers.php                                                 |   44 +
 app/Support/Plugins/Dashboard/Widgets/UserActions.php                                                      |   27 +
 app/Support/Plugins/RolesAndPermissions.php                                                                |   31 +
 app/Support/Plugins/Settings.php                                                                           |   40 +
 app/Support/Plugins/Users.php                                                                              |   18 +
 app/Support/Sidebar/Item.php                                                                               |  249 +++++
 app/Support/helpers.php                                                                                    |   21 -
 app/Transformers/ActivityTransformer.php                                                                   |   36 -
 app/Transformers/UserTransformer.php                                                                       |    3 +-
 app/User.php                                                                                               |   38 +-
 composer.json                                                                                              |   56 +-
 composer.lock                                                                                              | 2847 +-
 config/app.php                                                                                             |   19 +-
 config/broadcasting.php                                                                                    |    3 +-
 config/cache.php                                                                                           |   13 +-
 config/database.php                                                                                        |   48 +-
 config/logging.php                                                                                         |   17 +-
 config/mail.php                                                                                            |   11 +
 config/plugins.php                                                                                         |   21 +
 config/queue.php                                                                                           |   10 +-
 config/services.php                                                                                        |   10 +-
 config/session.php                                                                                         |    4 +-
 config/setting.php                                                                                         |   85 ++
 config/settings.php                                                                                        |   17 -
 database/factories/ActivityFactory.php                                                                     |   15 -
 database/factories/RoleFactory.php                                                                         |    2 +-
 database/factories/UserFactory.php                                                                         |    5 +-
 database/migrations/2014_10_12_100000_create_password_resets_table.php                                     |    4 +-
 database/migrations/2015_08_25_172600_create_settings_table.php                                            |   42 -
 database/migrations/2015_10_10_170827_create_users_table.php                                               |    2 +-
 database/migrations/2015_12_29_224252_create_user_activity_table.php                                       |    2 +
 database/migrations/2017_08_24_000000_create_settings_table.php                                            |   41 +
 database/migrations/2019_08_22_140712_create_announcements_table.php                                       |   50 +
 database/seeds/UserSeeder.php                                                                              |    3 +-
 package-lock.json                                                                                          | 5165 +-
 phpunit.xml                                                                                                |    3 +
 public/assets/css/app.css                                                                                  |    2 +-
 public/assets/js/as/app.js                                                                                 |   14 +-
 public/mix-manifest.json                                                                                   |    2 +-
 public/vendor/plugins/announcements/css/announcements.css                                                  |    1 +
 public/vendor/plugins/announcements/js/announcements.js                                                    |    1 +
 public/vendor/plugins/announcements/mix-manifest.json                                                      |    4 +
 resources/lang/de.json                                                                                     |  242 ++++
 resources/lang/de/app.php                                                                                  |  328 +-----
 resources/lang/de/log.php                                                                                  |   32 -
 resources/lang/en/app.php                                                                                  |  331 +-----
 resources/lang/en/log.php                                                                                  |   32 -
 resources/lang/sr.json                                                                                     |  242 ++++
 resources/lang/sr/app.php                                                                                  |  335 +-----
 resources/lang/sr/log.php                                                                                  |   32 -
 resources/sass/_variables.scss                                                                             |   12 +-
 resources/sass/app.scss                                                                                    |    2 +-
 resources/sass/components/card.scss                                                                        |   29 +-
 resources/sass/components/general.scss                                                                     |   12 +-
 resources/sass/components/input.scss                                                                       |    9 +-
 resources/sass/components/navbar.scss                                                                      |   98 +-
 resources/sass/components/sidebar.scss                                                                     |  279 +++--
 resources/sass/components/util.scss                                                                        |   16 +
 resources/views/activity/index.blade.php                                                                   |  100 --
 resources/views/auth/login.blade.php                                                                       |   40 +-
 resources/views/auth/{password/remind.blade.php => passwords/email.blade.php}                              |   26 +-
 resources/views/auth/{password => passwords}/reset.blade.php                                               |   43 +-
 resources/views/auth/register.blade.php                                                                    |   90 +-
 resources/views/auth/token.blade.php                                                                       |   18 +-
 resources/views/auth/tos.blade.php                                                                         |   24 +
 resources/views/auth/verify.blade.php                                                                      |   30 +
 resources/views/dashboard/admin.blade.php                                                                  |  147 +--
 resources/views/dashboard/default.blade.php                                                                |  102 --
 resources/views/emails/notifications/new-registration.blade.php                                            |   10 -
 resources/views/emails/password/remind.blade.php                                                           |   12 -
 resources/views/emails/registration/confirmation.blade.php                                                 |   13 -
 resources/views/errors/403.blade.php                                                                       |    8 -
 resources/views/errors/404.blade.php                                                                       |   12 -
 resources/views/errors/500.blade.php                                                                       |   10 -
 resources/views/errors/503.blade.php                                                                       |    8 -
 resources/views/layouts/app.blade.php                                                                      |   10 +-
 resources/views/layouts/auth.blade.php                                                                     |    5 +-
 resources/views/layouts/errors.blade.php                                                                   |   35 -
 resources/views/layouts/install.blade.php                                                                  |    2 +-
 resources/views/mail/reset-password.blade.php                                                              |   22 +
 resources/views/mail/user-registered.blade.php                                                             |   19 +
 resources/views/partials/navbar.blade.php                                                                  |   33 +-
 resources/views/partials/sidebar.blade.php                                                                 |  122 --
 resources/views/partials/sidebar/items.blade.php                                                           |   26 +
 resources/views/partials/sidebar/main.blade.php                                                            |   37 +
 resources/views/permission/add-edit.blade.php                                                              |   46 +-
 resources/views/permission/index.blade.php                                                                 |   34 +-
 resources/views/plugins/dashboard/widgets/banned-users.blade.php                                           |   14 +
 resources/views/plugins/dashboard/widgets/latest-registrations.blade.php                                   |   31 +
 resources/views/plugins/dashboard/widgets/new-users.blade.php                                              |   14 +
 resources/views/plugins/dashboard/widgets/registration-history-scripts.blade.php                           |   12 +
 resources/views/plugins/dashboard/widgets/registration-history.blade.php                                   |   11 +
 resources/views/plugins/dashboard/widgets/total-users.blade.php                                            |   14 +
 resources/views/plugins/dashboard/widgets/unconfirmed-users.blade.php                                      |   14 +
 resources/views/plugins/dashboard/widgets/user-actions.blade.php                                           |   53 +
 resources/views/role/add-edit.blade.php                                                                    |   46 +-
 resources/views/role/index.blade.php                                                                       |   34 +-
 resources/views/settings/auth.blade.php                                                                    |   12 +-
 resources/views/settings/general.blade.php                                                                 |   18 +-
 resources/views/settings/notifications.blade.php                                                           |   30 +-
 resources/views/settings/partials/auth.blade.php                                                           |   35 +-
 resources/views/settings/partials/recaptcha.blade.php                                                      |   24 +-
 resources/views/settings/partials/registration.blade.php                                                   |   31 +-
 resources/views/settings/partials/throttling.blade.php                                                     |   39 +-
 resources/views/settings/partials/two-factor.blade.php                                                     |   29 +-
 resources/views/user/add.blade.php                                                                         |   20 +-
 resources/views/user/edit.blade.php                                                                        |   60 +-
 resources/views/user/list.blade.php                                                                        |   41 +-
 resources/views/user/partials/auth.blade.php                                                               |   46 +-
 resources/views/user/partials/avatar.blade.php                                                             |   31 +-
 resources/views/user/partials/details.blade.php                                                            |   42 +-
 resources/views/user/partials/row.blade.php                                                                |   35 +-
 resources/views/user/partials/two-factor.blade.php                                                         |   40 +-
 resources/views/user/profile.blade.php                                                                     |   58 +-
 resources/views/user/sessions.blade.php                                                                    |   34 +-
 resources/views/user/two-factor-verification.blade.php                                                     |   25 +-
 resources/views/user/view.blade.php                                                                        |   99 +-
 resources/views/vendor/mail/html/button.blade.php                                                          |   19 +
 resources/views/vendor/mail/html/footer.blade.php                                                          |   11 +
 resources/views/vendor/mail/html/header.blade.php                                                          |    7 +
 resources/views/vendor/mail/html/layout.blade.php                                                          |   54 +
 resources/views/vendor/mail/html/message.blade.php                                                         |   27 +
 resources/views/vendor/mail/html/panel.blade.php                                                           |   13 +
 resources/views/vendor/mail/html/promotion.blade.php                                                       |    7 +
 resources/views/vendor/mail/html/promotion/button.blade.php                                                |   13 +
 resources/views/vendor/mail/html/subcopy.blade.php                                                         |    7 +
 resources/views/vendor/mail/html/table.blade.php                                                           |    3 +
 resources/views/vendor/mail/html/themes/default.css                                                        |  307 +++++
 resources/views/vendor/mail/text/button.blade.php                                                          |    1 +
 resources/views/vendor/mail/text/footer.blade.php                                                          |    1 +
 resources/views/vendor/mail/text/header.blade.php                                                          |    1 +
 resources/views/vendor/mail/text/layout.blade.php                                                          |    9 +
 resources/views/vendor/mail/text/message.blade.php                                                         |   27 +
 resources/views/vendor/mail/text/panel.blade.php                                                           |    1 +
 resources/views/vendor/mail/text/promotion.blade.php                                                       |    1 +
 resources/views/vendor/mail/text/promotion/button.blade.php                                                |    1 +
 resources/views/vendor/mail/text/subcopy.blade.php                                                         |    1 +
 resources/views/vendor/mail/text/table.blade.php                                                           |    1 +
 resources/views/vendor/notifications/email.blade.php                                                       |    6 +-
 routes/api.php                                                                                             |   16 +-
 routes/web.php                                                                                             |  458 +++-----
 storage/app/.gitignore                                                                                     |    0
 storage/framework/.gitignore                                                                               |    1 +
 storage/settings.json                                                                                      |    2 +-
 tests/CreatesApplication.php                                                                               |   24 +
 tests/Feature/Api/Auth/AuthControllerTest.php                                                              |  162 +++
 tests/Feature/Api/Auth/Password/RemindControllerTest.php                                                   |   38 +
 tests/Feature/{Http/Controllers => }/Api/Auth/Password/ResetControllerTest.php                             |   46 +-
 tests/Feature/Api/Auth/RegistrationControllerTest.php                                                      |  104 ++
 tests/Feature/{Http/Controllers => }/Api/Auth/SocialLoginControllerTest.php                                |   69 +-
 tests/Feature/Api/Authorization/PermissionsControllerTest.php                                              |  161 +++
 tests/Feature/{Http/Controllers => }/Api/Authorization/RolePermissionsControllerTest.php                   |   56 +-
 tests/Feature/Api/Authorization/RolesControllerTest.php                                                    |  176 +++
 tests/Feature/{Http/Controllers => }/Api/CountriesControllerTest.php                                       |   16 +-
 tests/Feature/Api/Profile/AuthDetailsControllerTest.php                                                    |   83 ++
 tests/Feature/{Http/Controllers => }/Api/Profile/AvatarControllerTest.php                                  |   74 +-
 tests/Feature/Api/Profile/DetailsControllerTest.php                                                        |  123 ++
 tests/Feature/{Http/Controllers => }/Api/Profile/SessionsControllerTest.php                                |   19 +-
 tests/Feature/{Http/Controllers => }/Api/Profile/TwoFactorControllerTest.php                               |  119 +-
 tests/Feature/{Http/Controllers => }/Api/SessionsControllerTest.php                                        |   61 +-
 tests/Feature/Api/SettingsControllerTest.php                                                               |   38 +
 tests/Feature/{Http/Controllers => }/Api/StatsControllerTest.php                                           |   53 +-
 tests/Feature/Api/Users/AvatarControllerTest.php                                                           |  147 +++
 tests/Feature/{Http/Controllers => }/Api/Users/SessionsControllerTest.php                                  |   26 +-
 tests/Feature/Api/Users/TwoFactorControllerTest.php                                                        |  170 +++
 tests/Feature/{Http/Controllers => }/Api/Users/UsersControllerTest.php                                     |  127 ++-
 tests/Feature/ApiTestCase.php                                                                              |   22 +-
 tests/Feature/FunctionalTestCase.php                                                                       |  203 ----
 tests/Feature/Http/Controllers/Api/ActivityControllerTest.php                                              |  118 --
 tests/Feature/Http/Controllers/Api/Auth/AuthControllerTest.php                                             |  163 ---
 tests/Feature/Http/Controllers/Api/Auth/Password/RemindControllerTest.php                                  |   44 -
 tests/Feature/Http/Controllers/Api/Auth/RegistrationControllerTest.php                                     |  122 --
 tests/Feature/Http/Controllers/Api/Authorization/PermissionsControllerTest.php                             |  190 ----
 tests/Feature/Http/Controllers/Api/Authorization/RolesControllerTest.php                                   |  203 ----
 tests/Feature/Http/Controllers/Api/Profile/AuthDetailsControllerTest.php                                   |   88 --
 tests/Feature/Http/Controllers/Api/Profile/DetailsControllerTest.php                                       |  125 ---
 tests/Feature/Http/Controllers/Api/SettingsControllerTest.php                                              |   37 -
 tests/Feature/Http/Controllers/Api/Users/ActivityControllerTest.php                                        |  109 --
 tests/Feature/Http/Controllers/Api/Users/AvatarControllerTest.php                                          |  154 ---
 tests/Feature/Http/Controllers/Api/Users/TwoFactorControllerTest.php                                       |  196 ----
 tests/Feature/Http/Controllers/Web/ActivityControllerTest.php                                              |   83 --
 tests/Feature/Http/Controllers/Web/Auth/AuthControllerTest.php                                             |  438 --------
 tests/Feature/Http/Controllers/Web/Auth/PasswordControllerTest.php                                         |  159 ---
 tests/Feature/Http/Controllers/Web/PermissionsControllerTest.php                                           |  181 ---
 tests/Feature/Http/Controllers/Web/ProfileControllerTest.php                                               |  266 -----
 tests/Feature/Http/Controllers/Web/RolesControllerTest.php                                                 |  138 ---
 tests/Feature/Http/Controllers/Web/SettingsControllerTest.php                                              |   34 -
 tests/Feature/Http/Controllers/Web/UsersControllerTest.php                                                 |  464 --------
 tests/Feature/ImpersonateUsersTest.php                                                                     |   96 --
 tests/Feature/Listeners/BaseListenerTestCase.php                                                           |   29 -
 tests/Feature/Listeners/PermissionEventsSubscriberTest.php                                                 |   38 -
 tests/Feature/Listeners/RoleEventsSubscriberTest.php                                                       |   44 -
 tests/Feature/Listeners/UserEventsSubscriberTest.php                                                       |  178 ---
 tests/Feature/Repositories/Activity/EloquentActivityTest.php                                               |  128 ---
 tests/Feature/Repositories/Role/EloquentRoleTest.php                                                       |  108 --
 tests/Feature/Web/ImpersonateUsersTest.php                                                                 |   91 ++
 tests/Feature/Web/LoginTest.php                                                                            |  177 +++
 tests/Feature/Web/PermissionsTest.php                                                                      |  348 ++++++
 tests/Feature/Web/RegistrationTest.php                                                                     |  172 +++
 tests/Feature/Web/RolesTest.php                                                                            |  234 ++++
 tests/Feature/Web/Settings/AuthSettingsTest.php                                                            |  105 ++
 tests/Feature/Web/Settings/CaptchaSettingsTest.php                                                         |   49 +
 tests/Feature/Web/Settings/GeneralSettingsTest.php                                                         |   62 +
 tests/Feature/Web/Settings/TwoFactorSettingsTest.php                                                       |   49 +
 tests/Feature/Web/SettingsTest.php                                                                         |  137 +++
 tests/Feature/{Http/Controllers/Web/Auth/SocialAuthControllerTest.php => Web/SocialAuthenticationTest.php} |  141 +--
 tests/Feature/{Http/Controllers/Web/TwoFactorControllerTest.php => Web/TwoFactorAuthTest.php}              |  276 ++---
 tests/Feature/Web/UpdateProfileTest.php                                                                    |  251 +++++
 tests/Feature/Web/UsersTest.php                                                                            |  710 ++++++++++++
 tests/Setup/RoleFactory.php                                                                                |   47 +
 tests/Setup/UserFactory.php                                                                                |   95 ++
 tests/TestCase.php                                                                                         |   65 +-
 tests/{unit => Unit}/Presenters/UserPresenterTest.php                                                      |   31 +-
 tests/{Feature => Unit}/Repositories/Country/EloquentCountryTest.php                                       |   15 +-
 tests/{Feature => Unit}/Repositories/Permission/EloquentPermissionTest.php                                 |   29 +-
 tests/Unit/Repositories/Role/EloquentRoleTest.php                                                          |  117 ++
 tests/{Feature => Unit}/Repositories/Session/DbSessionTest.php                                             |   32 +-
 tests/{Feature => Unit}/Repositories/User/EloquentUserTest.php                                             |  195 ++--
 tests/{Feature => Unit}/Services/Auth/Api/TokenFactoryTest.php                                             |   37 +-
 tests/UpdatesSettings.php                                                                                  |   22 +
 tests/files/.DS_Store                                                                                      |  Bin 6148 -> 0 bytes
 tests/files/image.png                                                                                      |  Bin 38306 -> 0 bytes
 312 files changed, 15667 insertions(+), 16557 deletions(-)

After accessing any Vanguard-protected URL, a user will automatically be redirected to the Login Page. Users are able to log in by typing their username (or email) and password, or by using some of Social Authentication options (if enabled). The login form is displayed below:

Two-Factor Token

If Two-Factor Authentication is enabled for a specific user, after entering correct username/email and password combination, he will be redirected to Two-Factor Token page displayed below, to enter Authy 2FA token. This means that user has to download the secure Authy app on his mobile phone and use the token value available upon application installation.

After entering the 2FA token, Vanguard will contact Authy servers to check the token value, and, only if the token is correct, a user will be logged in.

Registration

Since registration can be completely disabled inside application settings, the registration form is only accessible if registration is enabled.

Users are able to access the registration form and create a new account by clicking the Sign Up link on the login page and fill up the registration form.

If it is enabled inside application settings, a user also has to confirm that they are humans by passing Google reCAPTCHA test.

After successful registration, depending on application settings, a user has to confirm their email address if they want to log in for the first time. If email confirmation is disabled by the system administrator, users will be able to log in right after successful registration.

Password Reset

In case that some user forgot his password, he will be able to reset it from Forgot Password form available, after clicking I forgot my password link on a login page.

Note! Password reset page is accessible only if that option is enabled by the system administrator.

After filling in the email used for that account, a user will receive a password reset email with a password reset link. That link will be available for a predefined period of time, which is, again, defined by system administrators inside application settings.

When a user clicks on received password reset link, password reset form will be displayed and it will allow them to enter their new password.

Administrators are able to see some system stats on their dashboard page. They can see how many new users are registered for the current month, number of total users, number of banned users and number of users who still have to confirm their email address.

They can see the latest registration and registration history graph for the current year.

User Dashboard

Users also have their dashboard where they can quickly navigate to some parts of the system, and where they can see their activity graph for last two weeks.

The activity graph is based on their Activity Log, and represent a number of actions for each day in last two weeks.

Details

On Profile Details page, users can update their basic information like First Name, Last Name etc. Also, they are able to update they country from a list of available countries or to update their birthday using easy bootstrap calendar plugin.

Avatar

Every user is able to set his avatar photo. By clicking "Change Photo" button below his current avatar, he is able to remove current avatar by clicking No Photo, to upload avatar image or to use his Gravatar (if there is no Gravatar account attached to his email address, default Gravatar image will be displayed).

If use is authenticated with some social network (like Facebook, for example) he will be able to select avatars from the social network he is authenticated with. In this case, the user was authenticated with Facebook, so he is able to select a Facebook avatar and use it within the Vanguard application.

Uploading Avatar

Uploading avatar is ridiculously easy. After selecting Upload Avatar option on modal dialog from above, and selecting the avatar photo, you are able to zoom the selected photo in and out and move it around until you are happy with how it looks. After putting the image to the desired position, and clicking the Save button, the avatar will be automatically cropped and uploaded to the server, and user's avatar will be updated.

Authentication

On Authentications tab, under Profile section, every user is able to update his login details including email, username, and password. If the password field is empty when users click "Update Details" button, the password will not be updated.

Users are also able to enable or disable Two-Factor Authentication (2FA) for their account (of course, if it is enabled globally by administrators). And, as it already mentioned in authentication section, in order to use two-factor authentication, a user has to install Authy application on his phone.

To enable 2FA, a user has to provide his Country Code and Cell Phone number, without country code prefix. For example, if your cell phone number is +12345678, and you are from USA, then your Country Code will be 1 and your Cell Phone Number will be 2345678.

If you are not sure what your country code is, list of all country codes can be found here.

Users List

Users list page represent a list of all system users. Users are searchable by almost all attributes and can be filtered by their status.

User Details

Administrators can view user profile by clicking "green eye" icon for specific users on users list page. This page represents brief user info, where administrators can quickly see some basic user details.

Creating New User

As it is already mentioned above, users can be added to the system manually from users with appropriate permissions. The form for adding a new user is displayed below.

Updating User

Administrators can edit all user details, update their avatar and invalidate their active sessions. The form for editing user details is the same form that every user see when he edits his Profile, and the only difference is that user role and status can now be changed by the administrator.

How to impersonate a user?

One way to impersonate a user is from a user list page, as displayed on the image below:

Users can also be impersonated from their profile page:

Stop Impersonating

While you are impersonating a user, you can do everything that the user can do himself. Once you are done and you want to return to your account and stop impersonating the user, just click on the "Stop Impersonating" button inside the header.

Changing Permissions

If you want to customize who can impersonate other users or which users can be impersonated, you can do that by updating appropriate methods inside app/Support/CanImpersonateUsers.php file.

Every system user is able to see his active sessions, as well as IP address from which he is logged in, the user agent and time of his last activity for that session.

By clicking the red "x" button, a user can invalidate the selected session, which means that he will be automatically logged out from that device.

Note! Session Management is available only if database session driver is used by Vanguard. More about sessions drivers can be found here.

NOTE: Starting from version 4, User Activity Log is now available as a free plugin but it still comes included in the version that can be downloaded from CodeCanyon. Of course, you can completely remove it if you want to, just like any other plugin.

---

User activity log User activity is recorded for every system user. Every time when someone updates his profile information, upload an avatar or maybe even make a password reset email request, system store that activity into the database and so system administrators can see what their users are doing.

The list of available activities and appropriate messages is provided below:

System Activity Log

Administrators are able to see activity logs for all system users, as well as search for specific log messages only, as it is displayed on image below.

Also, if an administrator is interested in the activity log of the particular user, simply by clicking on user's name he can view the entire log for that specific user.

User Activity Log

Non-administrator users can see only their own activity log and search through it if they see some suspicious activity.

Available System Roles

On roles section of the website administrators (or other users with appropriate permissions) can see and manage available system roles, as well as add an unlimited number of new roles. Page with default system roles (Admin and User) is provided below.

Managing Roles

As it was already mentioned, users with appropriate permissions can add an unlimited number of roles, and use them to customize the application. More on that can be found in working with permissions section.

Form for adding a new role, and editing existing roles, is provided below.

Every role has a name, that is used as a key inside the source code of the application. The display name is used inside the UI to better explain who is this role referring to.

System Permissions

Permissions represent some concrete actions that specific role can perform. For example, one of the default permissions is users.manage, and every user with a role which has this permission can manage system users.

This means that, for example, you can create new system role called Manager, and allow managers to only edit system users, without them being able to update system settings etc.

Note! Default system permissions cannot be deleted from UI. Custom created permissions can be deleted without any problem.

Managing Permissions

List of available permissions, including available system roles and their permissions, is provided below.

If we want, for example, to allow system users with role User to be able to View System Activity Log, all we have to do is to check the corresponding checkbox for that role, and click Save Permissions button at the bottom of the page. After that, all users will be able to see Activity Log in sidebar menu as well as to access the activity log for all system users.

Vanguard supports the unlimited number of permissions, and they can be added via the form provided below.

Permission name is used as key/constant inside the source code to check if the user has permissions to perform some action (more on that inside custom registration form example), and display name is used inside the UI, to better explain what the permission is used for.

General Settings

General settings section is used for updating the application name. Once application name has been updated, it will change the entire system, so you don't have to edit any code at all.

Authentication Settings

Authentication settings section contains everything that will allow easy authentication configuration.

General Auth Settings

• Allow "Remember Me"? - used to enable/disable the checkbox for remembering the user, that is available on the login page. If this option is set to OFF, users will be automatically logged out once their session expires.

• Forgot Password - used for enabling/disabling reset password feature. If it is set to OFF, users won't be able to reset their password if they forget it.

• Reset Token Lifetime - integer variable that represents a lifetime of password reset token (in minutes).

Authentication Throttling

Authentication Throttling is a security feature that will prevent brute force attacks. If it is enabled and user enter the wrong password for a specific number of times (check "Maximum Number of Attempts" option below), his account will be locked for a predefined period of time.

Available options are:

• Throttle Authentication - used to enable/disable authentication throttling

• Maximum Number of Attempts - maximum number of times that user can enter wrong credentials before his account is locked for some period of time

• Lockout Time - the number of minutes that represent how long user account will be locked. For example, if this parameter is set to 2 and Maximum Number of Attempts parameter from above is set to 5, this means that after some user enter wrong credentials for 5 times, his account will be locked down for 2 minutes.

Two-Factor Authentication (2FA)

If this option is enabled, users will be able to enable/disable 2FA from their Profile page. 

Registration Settings

Registration settings are used to quickly configure registration process or to disable it completely. Page with self-explanatory options is provided below.

Notifications Settings

Notifications settings contain an option for enabling or disabling email notifications when a new user signs up. If it's enabled, all users with Amin role will receive a notification when a new user signs up.

Running Tests

You can start your tests just by typing

phpunit

or, if you don't have the phpunit in your PATH, then do it like following from Vanguard's root folder

./vendor/bin/phpunit

PHP unit will then execute your tests and you will be sure that your application is working as you expect.

Vanguard is fully tested and working on PHP 7.1.3+.

Different Databases

By default, Vanguard is configured to use SQLite in Memory database to perform tests. However, if you would like to test it on some other databases like MySQL, then you will have to modify DB_CONNECTION environment variable inside phpunit.xml file and set it to mysql (or you can just completely remove it, since MySQL driver is default) and you have to add the name for test database by defining DB_DATABASE variable like following:

<php>
    <env name="APP_ENV" value="testing"/>
    <env name="CACHE_DRIVER" value="array"/>
    <env name="SESSION_DRIVER" value="array"/>
    <env name="QUEUE_DRIVER" value="sync"/>
    <env name="DB_CONNECTION" value="mysql"/> <!-- database connection -->
    <env name="DB_DATABASE" value="vanguard_test"/> <!-- test db name -->
    <env name="MAIL_DRIVER" value="log"/>
</php>

You can modify any other environment variables here if necessary.

Keep in mind that you will need to enable the API itself (which is disabled by default) as explained in the configuration section.

The complete API documentation is available at the following URL: https://api-docs.vanguardapp.io/ 

All requests are routed through index.php file (it utilizes front controller pattern) and then routes are responsible for routing your request to appropriate controller and method.

Now, the reason you get such message is probably because you most likely use Apache Web Server which does not have mod_rewrite installed and enabled. This means that you will have to enable Apache mod_rewrite, and you can do it by typing the following command into the terminal (after you login to your server via SSH):

a2enmod rewrite

This command will enable Apache rewrite module. If you get some message like "Module rewrite already enabled", this means that module is already enabled and you can proceed to next step, which is updating Apache configuration file.

After you are sure that you have your module enabled, next thing to do is to make sure that you have added allow from all for Apache 2.2 or AllowOverride All for Apache 2.4 inside your Vanguard's Apache virtual host configuration, like following:

Apache 2.2:

<VirtualHost *:80> 
    DocumentRoot /var/www/vanguard/public 
    ServerName mydomain.com 
    <Directory "/var/www/vanguard/public"> 
        allow from all <!-- add this line -->
        Options FollowSymLinks 
    </Directory> 
</VirtualHost>

Apache 2.4:

<VirtualHost *:80> 
    DocumentRoot /var/www/vanguard/public 
    ServerName mydomain.com 
    <Directory "/var/www/vanguard/public"> 
        AllowOverride All <!-- add this line -->
        Options FollowSymLinks 
    </Directory> 
</VirtualHost>

Of course, your VirtualHost configuration will probably be different, but you must allow Vanguard's .htaccess file to actually do some work by defining this allow rule.

Note! If you don't have SSH access to your server, or you are using cPanel (or any similar software) you should probably enable Apache rewrite module from there. If not, you will have to contact your support to do that for you.

// to redirect to custom url (can be any url)
return redirect()->to("your url here");

//or

// to redirect to specific Vanguard route
// with name that is already defined for that route
return redirect()->route("route_name_here");

<IfModule mod_negotiation.c>
    Options -MultiViews
</IfModule>

Each plugin can have its own API or Web routes, migrations and it's own views and controllers, just like any other Laravel package. This is why it is highly recommended to check the documentation for creating Laravel packages before you proceed with creating a Vanguard plugin.

php artisan vanguard:make-plugin Foo

The command from above will generate a new folder called Foo inside the Vanguard's /plugins directory, which is the default location for all Vanguard plugins and it will update your main composer.json file to reference the newly installed plugin. The root namespace for all plugin classes created in this case will be Vanguard\Foo.

Each plugin has one main class which basically serves as a service provider for the plugin. In our case, the main plugin service provider is defined inside the plugins/Foo/src/Foo.php file (it will always have the same name as the plugin itself if you scaffold the plugin using vanguard:make-plugin command).

The generated plugins' top-level structure will look like the following:

plugins
-- Foo
---- config
---- database
---- resources
---- routes
---- src
---- tests
---- .gitignore
---- composer.json
---- package.json
---- webpack.mix.js

Since not all plugins will have all the above, you are free to customize the directory structure however you want.

If you have installed the plugin via Composer and you want to remove it, the procedure is as easy as above. For example, if you want to remove the Vanguard official Announcements plugin that comes with Vanguard out of the box, you'll need to do the following two things:

1) Remove the \Vanguard\Announcements\Announcements::class, line from the array of active plugins in VanguardServiceProvider. This will make the plugin inactive and it won't appear inside the Vanguard at all.

2) Run composer remove vanguardapp/announcements to completely remove the plugin from the system.

In our case, it will look something like following (pay attention to the use line at the top of the file):

use Vanguard\Foo\Foo;

//...

protected function plugins()
{
    return [
        Dashboard::class,
        Users::class,
        UserActivity::class,
        RolesAndPermissions::class,
        Settings::class,
        Foo::class, // or you can add it as a string, like '\Vanguard\Foo\Foo'
    ];
}

As soon as the plugin is activated it will automatically register a new route for you, which you can use to test if the plugin is installed properly. In our example from above, you should be able to navigate to "/foo" page and it will show something like the following:

Vanguard plugins have one more default method called sidebar, and its purpose is to allow you to easily put the navigation items to Vanguard's sidebar navigation.

The Register Method

As per Laravel docs, within the register method, you should only bind things into the service container. For example, this is a perfect place to bind some concrete repository classes to a specific interface.

The Boot Method

This method is called after all other service providers have been registered, meaning you have access to all other services that have been registered by the framework. Inside this method, you will bind your plugin routes, register views, etc.

The Sidebar Method

If your plugin needs to add an item to the sidebar, this is the method where you will define how this sidebar item will look like and who should be able to see it.

The method returns an instance of the Vanguard\Support\Sidebar\Item class and it's recommended to open the class definition itself and go through all the documented methods to see everything that this class can do. Here is an example on how to define a sidebar item for our "Foo" plugin created above:

public function sidebar()
{
    return Item::create('Foo')
        ->icon('fas fa-bullhorn')
        ->route('foo.index')
        ->permissions('foo.manage')
        ->active('foo*');
}

The create factory method from above accepts a string which is basically the title of the navigation item printed inside the sidebar.

The icon method is actually the FontAwesome icon class that should be used for the item.

The route method is a named route to which this navigation item should point to. If you don't have a named route for this navigation item, or you simply want to point to some external URL, you can use the href method that accepts any string that will be used for a href attribute for a navigation link.

The permissions method is where you define permissions required for viewing the sidebar item. It accepts either single permission as a string, array of permissions or even a callback that you can use if you have some complex authorization logic.

If a callback provided here returns true then currently authenticated user will be able to see the navigation item. Otherwise, it won't be rendered. Here is an example:

Item::create('Foo')
    ->permissions(function ($user) {
        return $user->status === 'Foo';
    })
//...

The active method is where you define when this navigation item should be active according to the current URL path. In our case from above, this item will be active whenever there is an URL that starts with foo.

NOTE! Use only plugins from the trusted sources. Plugins have access to all application files, as well as your database and some malicious plugins, can take all the data and the files from your application.

Installing a Plugin via Composer

You can install Vanguard plugins via composer, just like any other composer package. Each plugin can have different necessary steps that you should perform during the installation, so make sure that you have followed the plugin installation guide.

After the successful installation, you just need to register the plugin inside the VanguardServiceProvider and you are good too.

Keep in mind though that you won't be able to edit the plugin files in this case since they will be inside the /vendor folder. If you want to be able to edit the plugin files, you will need to install it inside the /plugins folder, as it is described below.

Installing a Plugin Manually

Let's say that we have a plugin named Foo that you have purchased from a trusted source and it was sent to you as a ZIP archive.

To install this plugin manually, you need to perform the following steps:

1) Extract the plugin zip archive to the /plugins folder located inside the Vanguard's root folder.

2) Update the repositories section in your main composer.json file by adding one more item as the following:

{
    "type": "path",
    "url": "./plugins/Foo"
}

3) Add the following line to the require section in your main composer.json file:

"vanguardapp/foo": "*"

In our case, the full name of the package is vanguardapp/foo, but some real package will probably have a different name, so make sure that you find the name of the package/plugin by checking the name property in plugin's composer.json file (in our case the path to plugin's composer.json file is /plugins/Foo/composer.json).

4) Follow the plugin installation guide and run all the commands required for the plugin to be installed properly.

After the successful installation, you just need to register the plugin inside the VanguardServiceProvider and you are good too.

Template Hooks Placeholders

If you want to define a hook placeholder somewhere inside your blade template file, you can easily do it by using the @hook blade directive, like the following:

@hook('hook-name')

This means that when the blade template is rendering if there are any hook handlers defined for a hook with name hook-name then each hook handler will be executed and whatever each of the handler returns will be at the same place inside the template where the @hook('hook-name') is defined.

Hook Handlers

A hook handler is a simple class that implements the Vanguard\Plugins\Contracts\Hook interface and has one handle() method. You can place this class anywhere you want and, since this class will be resolved out of Laravel's service container you can inject any dependencies through the constructor.

Here is an example class for the Announcements plugin that renders 5 most recent announcements inside the navbar:

<?php

namespace Vanguard\Announcements\Hooks;

use Vanguard\Announcements\Repositories\AnnouncementsRepository;
use Vanguard\Plugins\Contracts\Hook;

class NavbarItemsHook implements Hook
{
    /**
     * @var AnnouncementsRepository
     */
    private $announcements;

    public function __construct(AnnouncementsRepository $announcements)
    {
        $this->announcements = $announcements;
    }

    /**
     * Execute the hook action.
     *
     * @return \Illuminate\Contracts\View\Factory|\Illuminate\View\View
     */
    public function handle()
    {
        $announcements = $this->announcements->latest(5);
        $announcements->load('creator');

        return view('announcements::partials.navbar.list', compact('announcements'));
    }
}

Registering Hook Handlers

Once you create a hook handler class, the only remaining thing to do is to register it as a handler for a specific view hook. You can do this inside the boot method in your plugin service provider class like following

use Vanguard\Plugins\Vanguard;
use Vanguard\Announcements\Hooks\NavbarItemsHook;

//...

public function boot()
{
    Vanguard::hook('navbar:items', NavbarItemsHook::class);
}

The above code means that whenever inside the template we have a hook placeholder defined as @hook('navbar:items'), the placeholder will be replaced with whatever is returned from the NavbarItemsHook::handle method.

Pre-defined Vanguard Template Hooks

Vanguard comes with the following list of hooks that you can hook into:

• auth:styles - Hook into the template right before the closing </head> tag for the auth layout.
• auth:scripts - Hook into the template right before the closing </body> tag for the auth layout.
• app:styles - Hook into the template right before the closing </head> tag for the main application layout.
• app:scripts - Hook into the template right before the closing </body> tag for the main application layout.
• navbar:items - Hook into the template where header navigation items are defined. Whatever you print here will be displayed next to the user's avatar inside the header.
• navbar:dropdown - Hook into the header dropdown displayed when you click on the user's avatar. This is a convenient hook if you need to add an item to the dropdown menu.

Vanguard's dashboard consists of a set of widgets that are being rendered in a predefined fashion.

Dashboard widget is a class that extends the abstract Vanguard\Plugins\Widget class and provides one simple render() method that is responsible for rendering a widget.

All widget classes will be resolved out of Laravel's service container so you can inject any dependencies you want through the constructor.

Creating a New Widget

The easiest way to understand how to create a widget is to look at the existing one. Default Vanguard widgets can be found in app/Support/Plugins/Dashboard/Widgets folder and below is an example of the widget responsible for displaying the total number of users available inside the system.

<?php

namespace Vanguard\Support\Plugins\Dashboard\Widgets;

use Vanguard\Plugins\Widget;
use Vanguard\Repositories\User\UserRepository;

class TotalUsers extends Widget
{
    /**
     * {@inheritdoc}
     */
    public $width = '3';

    /**
     * {@inheritdoc}
     */
    protected $permissions = 'users.manage';

    /**
     * @var UserRepository
     */
    private $users;

    /**
     * TotalUsers constructor.
     * @param UserRepository $users
     */
    public function __construct(UserRepository $users)
    {
        $this->users = $users;
    }

    /**
     * {@inheritdoc}
     */
    public function render()
    {
        return view('plugins.dashboard.widgets.total-users', [
            'count' => $this->users->count()
        ]);
    }
}

Widget Width

Each widget has a $width property that is actually a number between 1 and 12. This is basically the equivalent to the Bootstrap columns so if you set the width to 4 it means that it will be transformed to a bootstrap class named col-md-4.

In case if you want to provide your own layout classes, you should set the $width to null (which is also the default value) and you should provide the column classes on your own.

Widget permissions

You can define who can see a specific widget by defining the permissions required for that widget. There are 3 different ways to define the required widget permissions, depending on what exactly you need to check:

Single Permission - A currently authenticated user must have the defined permission to be able to see the widget on the dashboard:

//...

protected $permissions = 'users.manage';

//...

Multiple Permissions - A currently authenticated user must have all the permissions from the given list.

//...

protected $permissions = ['users.manage', 'foo.bar'];

//...

Closure Based Permission - If a closure returns true then Vanguard will consider that the current user has the permission to see the widget on the dashboard.

In this case, you will need to define your permission inside the constructor.

//...

public function __construct()
{
    $this->permissions = function ($user) {
        return $user->status === 'Foo';
    };
}

//..

Registering Widgets

To register a widget you need to add the full path to the widget class inside the array that is being returned from the widgets() method in VanguardServiceProvider.

Here is an example (pay attention to the use line at the top of the file):

use Vanguard\Support\Plugins\Dashboard\Widgets\TotalUsers;

//...

protected function widgets()
{
    return [
        //...

        TotalUsers::class,

        //...
    ];
}

The widget position on the dashboard will depend on the index inside the array from above. For example, if you have two widgets, WidgetA and WidgetB, and your widgets array looks like inside the code snippet below, then WidgetB will be rendered before the WidgetA.

//...

protected function widgets()
{
    return [
        //...

        WidgetB::class,
        WidgetA::class,

        //...
    ];
}