victoryoalli / laravel-multitenancy-impersonate
Laravel Multitenancy Impersonation from landlord to tenant
Fund package maintenance!
victoryoalli
victoryoalli.me/open-source/support-us
Installs: 554
Dependents: 0
Suggesters: 0
Security: 0
Stars: 5
Watchers: 0
Forks: 4
Open Issues: 0
pkg:composer/victoryoalli/laravel-multitenancy-impersonate
Requires
- php: ^8.2
- illuminate/auth: ^10.0|^11.0|^12.0
- illuminate/database: ^10.0|^11.0|^12.0
- illuminate/support: ^10.0|^11.0|^12.0
- spatie/laravel-multitenancy: ^3.0|^4.0
Requires (Dev)
- friendsofphp/php-cs-fixer: ^3.0
- orchestra/testbench: ^8.0|^9.0|^10.0
- phpunit/phpunit: ^10.0|^11.0
This package is auto-updated.
Last update: 2026-01-02 19:56:00 UTC
README
Laravel multitenancy impersonation from landlord to tenant.
This package is made to be used with Spatie Laravel Multitenancy.
This package allows you to impersonate users from a landlord (main) application into tenant applications. It generates secure, time-limited tokens that enable seamless authentication across tenant databases.
Requirements
- PHP ^8.2
- Laravel ^10.0, ^11.0 or ^12.0
- Spatie Laravel Multitenancy ^3.0 or ^4.0
Installation
You can install the package via composer:
composer require victoryoalli/laravel-multitenancy-impersonate
Publish Config and Migrations
php artisan vendor:publish --provider="VictorYoalli\MultitenancyImpersonate\MultitenancyImpersonateServiceProvider"
Configuration
After publishing, you can modify config/multitenancy-impersonate.php:
return [ 'ttl' => 60, // Token lifetime in seconds 'redirect_path' => '/home', // Default redirect after impersonation 'auth_guard' => 'web', // Authentication guard to use 'rate_limit' => [ 'max_attempts' => 5, // Max token validation attempts 'decay_minutes' => 1, // Minutes until attempts reset ], ];
Usage
Landlord Controller
The Landlord controller creates the token and redirects to the tenant for automatic login.
use VictorYoalli\MultitenancyImpersonate\Traits\CanImpersonate; class ImpersonateController { use CanImpersonate; public function store(Request $request) { $tenant = Tenant::find($request->get('tenant_id')); $redirect_url = "https://{$tenant->domain}/admin"; // Create impersonation token in tenant's database $impersonate = $this->createToken($tenant, auth()->user(), $redirect_url); // Redirect to tenant's impersonation endpoint $tenant_url = "https://{$tenant->domain}/impersonate"; return redirect("{$tenant_url}/{$impersonate->token}"); } }
Tenant Controller
Validates the token and logs in the specified user. The user will be redirected to the $redirect_url provided when creating the token.
use VictorYoalli\MultitenancyImpersonate\Traits\CanImpersonate; class TenantImpersonateController { use CanImpersonate; public function __invoke(Request $request, string $token) { $user = User::firstOrFail(); // Or find user by any criteria return $this->impersonate($token, $user); } }
Testing
composer test
Changelog
Please see CHANGELOG for more information what has changed recently.
Contributing
Please see CONTRIBUTING for details.
Security
If you discover any security related issues, please email victoryoalli@gmail.com instead of using the issue tracker.
Credits
License
The MIT License (MIT). Please see License File for more information.