This is a simple package to allow admins impersonate users.

In your terminal:

# install the package
composer require maurohmartinez/impersonate-users-backpack-laravel

In case you want/need to publish files to further customize this package:

php artisan vendor:publish --provider="MHMartinez\ImpersonateUser\app\Providers\ImpersonateUserServiceProvider"

1- Add in your UserCrudController.

use \MHMartinez\ImpersonateUser\app\Http\Controllers\Operations\ImpersonateUserOperation;

This will add a button for List and Show Operations to impersonate users.

2- Next step is to handle the logic to indicate which admins have permission to impersonate others, or can be impersonated. You just need to modify a bit your User Model to implement the interface ImpersonateInterface like this:

class User extends Authenticatable implements ImpersonateInterface

And then add the following two methods in your User Model:

/**
 * If you use Laravel-Backpack/PermissionManager you can do like this.
 * But you can also add any logic you need. 
*/
public function canImpersonateOthers(): bool
{
    return $this->can('permission_to_impersonate'); // or replace "permission_to_impersonate" with the right permission
}
/**
 * Following the same example, you can deny admins from impersonating super admins. 
*/
public function canBeImpersonated(): bool
{
    return !$this->hasRole('superadmin'); // or replace "superadmin" with the right permission
}

3- Now, you just need to add the button to exit impersonating (no worries, it will only show up when needed). For example, you can add the button in topbar_right_content.blade.php like this:

@include('impersonate_user::exit_impersonated')

4- Important — If you want to impersonate non-admin users you will need to skip the backpack middleware that determines if the user is admin. This is because this operation will need to allow your impersonated non-admin user to use a backpack route to log you back. How to do it?

• Publish the config file if you haven't done so (described here, above step one).

php artisan vendor:publish --provider="MHMartinez\ImpersonateUser\app\Providers\ImpersonateUserServiceProvider" --tag=config

• Add the middleware classname like it follows, and you will be good to go:

return [
    'session_key' => 'impersonating_user',
    'base_guard' => 'backpack',
    'admin_middleware' => Path\To\Middleware\IsAdmin::class,
];

This will allow this operation to skip that middleware when logging out impersonated non-admin users.

• Mauro Martinez Developer
• Cristian Tabacitu For creating Backpack for Laravel!