/filament-jet

Authentication starter kit for your next Filament application.

Primary LanguagePHPMIT LicenseMIT

FilamentJet

Latest Version on Packagist GitHub Tests Action Status GitHub Code Style Action Status Total Downloads

Filament Jet cover art

Filament Jet is a authentication starter kit for Filament and provides the perfect starting point for your next Filament application. Filament Jet provides the implementation for your application's login, registration, email verification, two-factor authentication, session management, personal data export, API via Laravel Sanctum, and optional team management features.

Switchable team User menu
Filament Jet switchable team art Filament Jet user menu art

Installation

Warning Attempting to install Filament Jet into an existing Filament application may result in unexpected behavior and issues.

You can install the package via composer:

composer require artmin96/filament-jet

After installing the Filament Jet package, you may execute the following Artisan command.

php artisan filament-jet:install

In addition, you may use the --teams switch to enable team support.

After installing Filament Jet, you should install and build your NPM dependencies and migrate your database:

npm run dev

npm run build

php artisan migrate

Optionally, you can publish the views using

php artisan vendor:publish --tag="filament-jet-views"

Update the config/filament.php to point to the Filament Jet's Login::class.

'auth' => [
    'guard' => env('FILAMENT_AUTH_GUARD', 'web'),
    'pages' => [
        'login' => \ArtMin96\FilamentJet\Filament\Pages\Auth\Login::class,
    ],
],

You may want to change the size of the auth card.

use ArtMin96\FilamentJet\Features;

'features' => [
    Features::login([
        'card_width' => 'md',
    ]),
],

Show/hide brand.

use ArtMin96\FilamentJet\Features;

'features' => [
    Features::login([
        'has_brand' => true,
    ]),
],

Full config for login.

use ArtMin96\FilamentJet\Features;

'features' => [
    Features::login([
        'card_width' => 'md',
        'has_brand' => true,
        'rate_limiting' => [
            'enabled' => true,
            'limit' => 5,
        ],
        'pipelines' => [],
    ]),
],

Profile Management

Filament Jet's profile management features are accessed by the user using the top-right user profile navigation dropdown menu. Filament Jet actions that allow the user to update their name, email address, and, optionally, their profile photo.

Filament Jet profile information art Filament Jet update password art Filament Jet two factor art Filament Jet two factor finish enabling art Filament Jet two factor enabled art Filament Jet two factor secret codes hidden art Filament Jet browser sessions art Filament Jet delete account art Filament Jet download information art Filament Jet download information ready art

You may want to disable the updateProfileInformation feature by adding a comment.

use ArtMin96\FilamentJet\Features;

'features' => [
    // Features::updateProfileInformation(),
],

Enabling Profile Photos

If you wish to allow users to upload custom profile photos, you must enable the feature in your application's config/filament-jet.php configuration file. To enable the feature, simply uncomment the corresponding feature entry from the features configuration item within this file:

use ArtMin96\FilamentJet\Features;

'features' => [
    Features::profilePhotos(),
],

Follow the link for more information: Jetstream Profile Management

Password Update

You may want to disable the updatePasswords feature by adding a comment.

use ArtMin96\FilamentJet\Features;

'features' => [
    // Features::updatePasswords([
    //     ...
    // ]),
],

You may want to update the password without filling in the current password.

use ArtMin96\FilamentJet\Features;

'features' => [
    Features::updatePasswords([
        'askCurrentPassword' => false,
    ]),
],

Two Factor Authentication

When a user enables two-factor authentication for their account, they should scan the given QR code using a free TOTP authenticator application such as Google Authenticator. In addition, they should store the listed recovery codes in a secure password manager such as 1Password.

use ArtMin96\FilamentJet\Features;

'features' => [
    Features::twoFactorAuthentication([
        'authentication' => [
            'session_prefix' => 'filament.',
            'card_width' => 'md',
            'has_brand' => true,
            'rate_limiting' => [
                'enabled' => true,
                'limit' => 5,
            ],
        ],
        'confirm' => true,
        'toggleRecoveryCodesVisibilityWithConfirmPassword' => true,
        // 'window' => 0,
    ]),
],

You may want to disable the twoFactorAuthentication feature by adding a comment.

use ArtMin96\FilamentJet\Features;

'features' => [
    // Features::twoFactorAuthentication([
    //     ...
    // ]),
],

You may want to toggle recovery codes visibility without password confirmation:

use ArtMin96\FilamentJet\Features;

'features' => [
    Features::twoFactorAuthentication([
        // ...
        'toggleRecoveryCodesVisibilityWithConfirmPassword' => false,
    ]),
],

Browser Sessions

This feature utilizes Laravel's built-in Illuminate\Session\Middleware\AuthenticateSession middleware to safely log out other browser sessions that are authenticated as the current user.

Note To utilize browser session management within Filament Jet, ensure that your session configuration's driver (or SESSION_DRIVER environment variable) is set to 'database'.

You may want to disable the logoutOtherBrowserSessions feature by adding a comment.

use ArtMin96\FilamentJet\Features;

'features' => [
    // Features::logoutOtherBrowserSessions(),
],

Delete Account

You may want to disable the accountDeletion feature by adding a comment.

use ArtMin96\FilamentJet\Features;

'features' => [
    // Features::accountDeletion(),
],

Download Your Information

You can download a copy of your information from your profile. Once your files are available, you can download them to your device.

You may want to disable the personalDataExport feature by adding a comment.

use ArtMin96\FilamentJet\Features;

'features' => [
    // Features::personalDataExport([
    //    'export-name' => 'personal-data',
    //    'add' => [
            // ['nameInDownload' => '', 'content' => []]
    //    ],
    //    'add-files' => [
            // ['pathToFile' => '', 'diskName' => '', 'directory' => '']
    //    ],
    // ]),
],
  • add: the first parameter is the name of the file in the inside the zip file. The second parameter is the content that should go in that file. If you pass an array here, we will encode it to JSON.
  • add-file: the first parameter is a path to a file which will be copied to the zip. You can also add a disk name as the second parameter.

The export-name will only affect the name of the download that will be sent as a response to the user, not the name of the zip stored on disk.

This uses the spatie/laravel-personal-data-export package. Follow the link for other information.

Teams

If you installed Filament Jet using the --teams option, your application will be scaffolded to support team creation and management.

Create Team

Filament Jet create team art

Team Settings

Filament Jet update team name art Filament Jet add team member art Filament Jet pending team invitations art Filament Jet team members art Filament Jet manage team member role art Filament Jet delete team art

Disabling team feature

If you want to disable the team feature, remove this line from the config/filament-jet.php config.

use ArtMin96\FilamentJet\Features;

'features' => [
    Features::teams([
        'invitations' => false,
        'middleware' => [],
    ]),
],

If you want to add other middlewares, fill in the middleware array.

Follow the link for more information: Jetstream Teams

Invitations

By default, Filament Jet will simply add any existing application user that you specify to your team. To get started, pass the invitations option when enabling the "teams" feature for your application. This may be done by modifying the features array of your application's config/filament-jet.php configuration file.

Follow the link for more information: Jetstream Teams

API

Filament Jet api token create art Filament Jet api token display art Filament Jet api token list art Filament Jet api token permissions art

Laravel Sanctum provides a featherweight authentication system for SPAs (single page applications), mobile applications, and simple, token-based APIs. Sanctum allows each user of your application to generate multiple API tokens for their account. These tokens may be granted abilities / permissions which specify which actions the tokens are allowed to perform.

Enabling API Support

If your application will be offering an API that may be consumed by third-parties, you must enable Filament Jet's API feature. To do so, you should uncomment the relevant entry in the features configuration option of your application's config/filament-jet.php configuration file:

use ArtMin96\FilamentJet\Features;

'features' => [
    Features::api(),
],

Follow the link for more information: Jetstream API

Authentication

Registration

Filament Jet register art

Requiring Terms Of Service / Privacy Policy Approval

Many applications require users to accept their terms of service / privacy policy during registration. Filament Jet allows you to easily enable this requirement for your own application, as well as provides a convenient way of writing these documents using Markdown.

To get started, enable this feature in your application's config/filament-jet.php configuration file:

use ArtMin96\FilamentJet\Features;

'features' => [
    Features::termsAndPrivacyPolicy(),
],

Next, you may write your terms of service / privacy policy documents by modifying your application's resources/markdown/terms.md and resources/markdown/policy.md files.

Disabling Registration Feature

You may want to disable the registration feature by adding a comment.

use ArtMin96\FilamentJet\Features;

'features' => [
    // Features::registration([
    //     'page' => \ArtMin96\FilamentJet\Filament\Pages\Auth\Register::class,
    //     'terms_of_service' => \ArtMin96\FilamentJet\Http\Livewire\TermsOfService::class,
    //     'privacy_policy' => \ArtMin96\FilamentJet\Http\Livewire\PrivacyPolicy::class,
    //     'card_width' => 'md',
    //     'has_brand' => true,
    //     'rate_limiting' => [
    //         'enabled' => true,
    //         'limit' => 5,
    //     ],
    // ]),
],

Login

Filament Jet login art

Reset Password

Filament Jet reset password art Filament Jet reset password sent art Filament Jet reset password update art

Disabling Reset Password Feature

You may want to disable the resetPasswords feature by adding a comment.

use ArtMin96\FilamentJet\Features;

'features' => [
    // Features::resetPasswords([
    //     'request' => [
    //         'page' => \ArtMin96\FilamentJet\Filament\Pages\Auth\PasswordReset\RequestPasswordReset::class,
    //         'card_width' => 'md',
    //         'has_brand' => true,
    //         'rate_limiting' => [
    //             'enabled' => true,
    //             'limit' => 5,
    //         ],
    //     ],
    //     'reset' => [
    //         'page' => \ArtMin96\FilamentJet\Filament\Pages\Auth\PasswordReset\ResetPassword::class,
    //         'card_width' => 'md',
    //         'has_brand' => true,
    //         'rate_limiting' => [
    //             'enabled' => true,
    //             'limit' => 5,
    //         ],
    //     ],
    // ]),
],

Two Factor Challenge

Filament Jet two factor code art Filament Jet two factor recovery-code art

Extending and Overriding Components

All pages within the auth flow are full-page Livewire components made to work with Filament Forms. So you can easily extend any component to add your own fields and actions.

You may want to change the registration component:

use ArtMin96\FilamentJet\Features;

'features' => [
     Features::registration([
        'page' => \ArtMin96\FilamentJet\Filament\Pages\Auth\Register::class,
        'terms_of_service' => \ArtMin96\FilamentJet\Http\Livewire\TermsOfService::class,
        'privacy_policy' => \ArtMin96\FilamentJet\Http\Livewire\PrivacyPolicy::class,
        'card_width' => 'md',
        'has_brand' => true,
        'rate_limiting' => [
            'enabled' => true,
            'limit' => 5
        ],
    ]),
],

You may want to change the terms of service or privacy policy component:

use ArtMin96\FilamentJet\Features;

'features' => [
    Features::registration([
        // ...
        'terms_of_service' => YourTermsOfServiceComponent::class,
        'privacy_policy' => YourPrivacyPolicyComponent::class,
        // ...
    ]),
],

You may want to change the reset password pages:

use ArtMin96\FilamentJet\Features;

'features' => [
    Features::resetPasswords([
        'request' => [
            'page' => \ArtMin96\FilamentJet\Filament\Pages\Auth\PasswordReset\RequestPasswordReset::class,
            // ...
        ],
        'reset' => [
            'page' => \ArtMin96\FilamentJet\Filament\Pages\Auth\PasswordReset\ResetPassword::class,
            // ...
        ],
    ]),
],

Email Verification

To get started, verify that your App\Models\User model implements the Illuminate\Contracts\Auth\MustVerifyEmail contract

use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable implements MustVerifyEmail
{
    // ...
}

Filament Jet includes support for requiring that a newly registered user verify their email address. However, support for this feature is disabled by default. To enable this feature, you should uncomment the relevant entry in the features configuration item of your application's config/filament-jet.php configuration file:

use ArtMin96\FilamentJet\Features;

'features' => [
    Features::emailVerification([
        // ...
    ]),
],

You may want to change the verification checker page or email verification controller:

use ArtMin96\FilamentJet\Features;

'features' => [
    Features::emailVerification([
        'page' => \ArtMin96\FilamentJet\Filament\Pages\Auth\EmailVerification\EmailVerificationPrompt::class,
        'controller' => \ArtMin96\FilamentJet\Http\Controllers\Auth\EmailVerificationController::class,
        'card_width' => 'md',
        'has_brand' => true,
        'rate_limiting' => [
            'enabled' => true,
            'limit' => 5
        ],
    ]),
],

Usage

The filament-jet configuration file contains a features configuration array where you can enable or disable the feature you want.

Testing

composer test

Changelog

Please see CHANGELOG for more information on what has changed recently.

Contributing

Please see CONTRIBUTING for details.

Security Vulnerabilities

Please review our security policy on how to report security vulnerabilities.

Credits

This package was inspired by a package by Laravel's jetstream.

License

The MIT License (MIT). Please see License File for more information.