Description

Vanguard is PHP application, written in Laravel PHP framework, that allows website owners to quickly add and enable authentication, authorization and user management to their website. It is designed following latest security and code standards and it is ready for high availability websites. Although it is written in Laravel, it can be used to provide secure login, authentication, authorization and complete user management for any PHP powered website. Vanguard also comes with fully documented JSON API which allows you to easily authenticate users from your mobile (or any other) application.

It comes with almost three hundred automated tests (functional and unit), that cover all vital parts of the application and the API and ensures it’s maintainability and stability.

Version 8.1.1

Features

• Secure user registration and login
• Social Authentication using Facebook, Twitter and Google+
• Password reset
• Two-Factor Authentication
• Remember Me feature on login
• Login with email or username
• Google reCAPTCHA on registration
• Authentication Throttling (lock user account after few incorrect login attempts)
• Interactive Dashboard
• Unlimited number of user roles
• Powerful admin panel
• Unlimited number of permissions
  • Manage permissions from admin interface
  • Assign permission to roles
  • Easily check if user has permission to perform some action
• JSON API to build any kind of applications around Vanguard
• Super easy installation using installation wizard
• User Activity Log
• Avatar upload with crop feature
• Built using Bootstrap 4
• Active Sessions Management (see and manage all your active sessions)
• Admins can impersonate users
• Full unicode support
• Client side and server side form validation
• Fully customisable from settings section
• Complete and detailed documentation
• Fully object oriented and commented PHP and JavaScript code.
• Localization support – Translate the application to any language (English, Serbian and German translations included)
• Runs on PHP 8.1.0+
• Flexible Plugin System

Security

• CSRF Protection – all forms include CSRF token
• Session Protection – highly secure Laravel session mechanism
• Highly secure one-way password hashing

Server Requirements

• PHP >= 8.1.0
• BCMath PHP Extension
• OpenSSL PHP Extension
• PDO PHP Extension
• Mbstring PHP Extension
• Tokenizer PHP Extension
• Ctype PHP Extension
• XML PHP Extension
• JSON PHP Extension
• GD PHP Extension
• Fileinfo PHP Extension

Demo and Documentation

• Demo link: https://demo.vanguardapp.io
• Admin Credentials
  • Username: admin
  • Password: admin123
• Documentation and Support: https://milos.support-hub.io/

Discount Notifications

Subscribe to receive notifications about discounts and updates: https://vanguardapp.io/#subscribe

Changelog

Check the docs for upgrade guide.

February 28, 2024 – Version 8.1.1

Fixed an issue in the installation wizard

February 21, 2024 – Version 8.1.0

Add support for limiting the number of active sessions per user
Add the ability to change the locale from the UI
Fixed redirect to a custom page after 2FA
Fixed issue with being able to enable 2FA for the same phone number for two different users
Extracted default roles to constants to make it easier for users who want to change the names of default roles
Extracted some language lines to a language file
Improved password reset flow to show success message on forgot password even if there is no user with that email
Improved the installation flow to check if foreign keys are enabled and be more resilient if some requirements are not met
Converted UserStatus to a regular PHP enum class
Added pint for consistent code formatting

March 17, 2023 – Version 8.0.0

Upgraded to Laravel 10 which supports PHP 8.2
Minimum required PHP version is now 8.1
Updated all third party packages to the latest stable versions

March 16, 2022 – Version 7.0.0

Added support for PHP 8.1
Upgraded to Laravel 9
Updated all third party packages to the latest stable versions

August 12, 2021 – Version 6.1.0

Added support for PHP 8
Updated all third party packages to the latest stable versions
Fixed invalidate session redirect issue
Fixed german translation issues
Fixed bg-color issue for switch components
Fixed pagination styling issue
Update `redirectIfAuthenticated` trait to respect the `to` parameter

October 20, 2020 – Version 6.0.0

Upgraded to Laravel 8
Fixed api registration issue
Fixed email confirmation routes
Fix field type for 2FA phone number
Fix impersonation route middlewares

April 8, 2020 – Version 5.0.1

Fixed installation wizard

April 5, 2020 – Version 5.0.0

Fixed custom login redirect issue
Upgraded to Laravel 7
Switched to Laravel Sanctum for API authentication
Replaced API transformers with Laravel's API Resources
Changed API response format

September 16, 2019 – Version 4.0.1

Fixed password reset email issue
Fixed avatar upload issue
Updated registration and email verification flow

September 13, 2019 – Version 4.0.0

Added Plugin Support
Upgraded to Laravel 6

April 1, 2019 – Version 3.2.1

Fix installation issue

March 30, 2019 – Version 3.2.0

Upgraded to Laravel 5.8
Replaced deprecated Larvel str_ and array_ helper functions

October 30, 2018 – Version 3.1.0

Upgraded to Laravel 5.7
Fixed issue with API when country_id field is null
Fixed Notifications Settings update bug
Improved Two-Factor Authentication by adding one more step for phone verification
Added Impersonate feature

June 14, 2018 – Version 3.0.1

Minor bug-fix release to address a few mostly UI related bugs. List of changed files available inside the upgrade guide.

May 17, 2018 – Version 3.0.0

Complete frontend re-write with Bootstrap 4
Remove additional step for Twitter authentication since Twitter can provide an email now
Update sizes of the avatars retreived during social authentication

March 13, 2018 – Version 2.2.0

Upgrade to Laravel 5.6
Fix issue with Authy secret key and config caching
Fix issues with registration history chart
Fix installation issue on PHP 7.2

December 19, 2017 – Version 2.1.1

Added ability to configure dates format across the app
Added automatic session invalidation and log out of the user if he is banned by the administrator
Added device info on session list page
Updated dashboard chart to display data in last 365 days (instead of for current year)
Extracted model factories to different files (important for testing purposes only)
Fixed autoload include issue for existing websites

November 08, 2017 – Version 2.1.0

Upgrade Laravel to version 5.5
Fix glitch on User Acivity search

September 14, 2017 – Version 2.0.2

Fix avatar update issue when admin is updating avatar for some other user
Disable API authentication for banned and unconfirmed users
Fix country update issue which occures on some MySQL versions

August 25, 2017 – Version 2.0.1

Fix installation issues from previous version
Update documentation

August 23, 2017 – Version 2.0.0

Add fully tested JSON API
Fix some minor glitches related to translation

May 1, 2017 – Version 1.3.3

Fix incompatibility issues between laravel-jsvalidation package and Laravel Framework version 5.4.19+
Fix issue where country is set to null after user logs in

April 12, 2017 – Version 1.3.2

Removed zizaco/entrust package and replaced with Vanguard's native mechanism for handling roles and permissions
$user->can() method now use Laravel's default authorization mechanism. For checking if user has permission defined by Vanguard, you should use $user->hasPermission('...').

March 06, 2017 – Version 1.3.1

Fixed installation issue
Fixed issue with FORCE_SSL

February 18, 2017 – Version 1.3.0

Laravel 5.4 upgrade
IMPORTANT: Fixed potential security issue with user avatar upload
Fixed issue to don't allow banned users to log in via social networks
Expanded and updated automated tests to cover all bugs and issues from above

September 30, 2016 – Version 1.2.1

Fixed bug when creating/updating users from admin panel without selected country
Fixed small typos on delete user confirmation popup

September 27, 2016 – Version 1.2.0

Updated to Laravel 5.3
InnoDB is now forced storage engine for MySQL database
Slightly improved design
E-Mail templates updated (now using Laravel 5.3 Notifications feature)
Fixed default country value
Fixed n+1 problem for activity page (added missing eager loading)
Fixed translation glitches
Added IIS configuration file
PHP 5.6.4 is now minimum PHP version required (Laravel 5.3 requirement)
PHP XML extension is now requirement (Laravel 5.3 requirement)
Updated and extended documentation
Dropped support for HHVM, since Laravel 5.3 does not support it

March 30, 2016 – Version 1.1.2

Add missing middleware to redirect user to install page if Vanguard is not installed

March 29, 2016 – Version 1.1.1

Added German translation files
Add translation for few missed strings
Fix some small bugs

March 15, 2016 – Version 1.1.0

Add localization support
Use social network profile image as default avatar after social auth
Fix problems with pagination while browsing search results for users and activities
Handle missing email from non-twitter social provider

February 18, 2016 – Version 1.0.4

Updated documentation
Added option to allow redirect to custom page after login
Disable access to login page for authenticated users

February 4, 2016 – Version 1.0.3

Updated documentation
Fixed css glitches
Added more tests

January 25, 2016 – Version 1.0.2

New design for error pages
Updated installer to require Fileinfo extension

January 22, 2016 – Version 1.0.1

Add missing configuration placeholder file

January 21, 2016 – Version 1.0.0

First release