承接 eloquent-works/exile 相关项目开发

从需求分析到上线部署,全程专人跟进,保证项目质量与交付效率

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

eloquent-works/exile

Composer 安装命令:

composer require eloquent-works/exile

包简介

Comprehensive account, IP, network, device, strike, restriction, appeal, and moderation enforcement tools for Laravel applications.

README 文档

README

tests

Laravel Exile

Comprehensive moderation enforcement tools for Laravel applications.

Exile supports account, IP, CIDR network, and device bans; temporary and permanent enforcement; warnings and strike escalation; login, posting, read-only, and shadow restrictions; appeals, evidence, moderator tracking, audit history, events, notifications, middleware, and scheduled maintenance.

$user->ban(
    reason: 'Repeated harassment',
    expiresAt: now()->addDays(7),
    moderator: $moderator,
);

$user->strike('Spam', points: 3);

$user->restrict(RestrictionType::Posting, 'Posting cooldown');

Supported Versions

Package Version PHP Laravel / Illuminate
Current ^8.2 ^11.15 || ^12.0 || ^13.0

Composer will automatically resolve compatible Laravel / Illuminate versions based on your project.

Installation

composer require eloquent-works/exile
php artisan exile:install --migrate

Add Bannable to your user model:

<?php

namespace App\Models;

use EloquentWorks\Exile\Traits\Bannable;
use Illuminate\Foundation\Auth\User as Authenticatable;

class User extends Authenticatable
{
    use Bannable;
}

Features

  • Account-only bans
  • IP-only bans
  • Combined account and IP bans
  • CIDR network bans with IPv4 and IPv6 support
  • Device fingerprint bans without storing raw fingerprints
  • Combined account, device, and IP bans
  • Temporary and permanent enforcement
  • Public reasons and private moderator notes
  • Configurable ban categories
  • Moderator issuance and revocation tracking
  • Warnings with severity and acknowledgement
  • Strike points with automatic escalation
  • Login, posting, read-only, and shadow restrictions
  • Ban appeals with approval, denial, and withdrawal
  • Evidence attachments with configurable storage
  • Automatic audit history
  • Middleware and custom 403 responses
  • Lifecycle events and optional notifications
  • Expiration processing and retention pruning commands
  • Configurable models and table names

Account bans

$ban = $user->ban(
    reason: 'Repeated harassment',
    expiresAt: now()->addDays(7),
    moderator: $moderator,
    category: 'harassment',
    internalNotes: 'Case EX-1042',
    metadata: ['case_number' => 'EX-1042'],
);

$user->isBanned();

IP, network, and device bans

use EloquentWorks\Exile\Facades\Exile;

Exile::banIp('203.0.113.10', reason: 'Automated abuse');

Exile::banNetwork('203.0.113.0/24', reason: 'Abusive network');

Exile::banDevice('browser-fingerprint', reason: 'Ban evasion');

Exile::banAccountAndIp(
    $user,
    request()->ip(),
    reason: 'Ban evasion',
);

Register device activity without storing the raw fingerprint:

$user->registerDeviceFingerprint(
    fingerprint: $request->header('X-Device-Fingerprint'),
    ipAddress: $request->ip(),
    label: 'Chrome on Windows',
);

Warnings and strikes

use EloquentWorks\Exile\Enums\WarningSeverity;

$user->warn(
    reason: 'Please review the community rules.',
    severity: WarningSeverity::High,
);

$user->strike(
    reason: 'Spam',
    points: 3,
    category: 'spam',
);

$user->activeStrikePoints();

Escalation thresholds are configured in config/exile.php. The defaults apply:

  • 3 points: one-day posting restriction
  • 5 points: seven-day read-only restriction
  • 10 points: thirty-day account ban

Restrictions

use EloquentWorks\Exile\Enums\RestrictionType;

$user->restrict(
    RestrictionType::Posting,
    reason: 'Posting cooldown',
    expiresAt: now()->addDay(),
);

$user->restrict(RestrictionType::ReadOnly);
$user->restrict(RestrictionType::Login);
$user->restrict(RestrictionType::Shadow);

$user->isRestricted(RestrictionType::Posting);
$user->isShadowBanned();

Middleware

Protect all access against account, IP, network, and device bans:

Route::middleware('exile')->group(function () {
    Route::get('/dashboard', DashboardController::class);
});

Protect specific actions:

Route::post('/posts', StorePostController::class)
    ->middleware('exile.allowed:posting');

Route::post('/login/complete', CompleteLoginController::class)
    ->middleware('exile.allowed:login');

Mark shadow-banned requests without rejecting them:

Route::post('/comments', StoreCommentController::class)
    ->middleware('exile.shadow');

$shadowed = request()->attributes->get('exile.shadowed', false);

Appeals

use EloquentWorks\Exile\Enums\AppealStatus;
use EloquentWorks\Exile\Facades\Exile;

$appeal = Exile::submitAppeal(
    $ban,
    $user,
    'I believe this enforcement was issued in error.',
);

Exile::resolveAppeal(
    $appeal,
    AppealStatus::Approved,
    $reviewer,
    'Appeal accepted.',
);

Approving an appeal revokes the related ban.

Evidence

Attach an existing stored file:

$evidence = Exile::attachEvidence(
    subject: $ban,
    disk: 'private',
    path: 'moderation/case-1042/report.pdf',
    originalName: 'report.pdf',
    uploadedBy: $moderator,
);

Or store an uploaded file through Exile:

$evidence = Exile::storeEvidence(
    $ban,
    $request->file('evidence'),
    $moderator,
);

Revocation

Exile::revokeBan($ban, $moderator);
Exile::revokeRestriction($restriction, $moderator);
Exile::revokeStrike($strike, $moderator);

Records remain available as moderation history until explicitly pruned.

Commands

php artisan exile:expire
php artisan exile:prune

Pruning is disabled by default. Enable it in configuration or run:

php artisan exile:prune --force --days=365

Notifications

Notifications are disabled by default. Enable them in config/exile.php:

'notifications' => [
    'enabled' => true,
    'channels' => ['mail'],
],

The affected model must support Laravel notifications. Database notifications also require Laravel's notifications table.

Events

  • BanIssued
  • BanRevoked
  • BanExpired
  • RestrictionIssued
  • RestrictionRevoked
  • StrikeIssued
  • WarningIssued
  • AppealSubmitted
  • AppealResolved

Testing

composer test
composer analyse
vendor/bin/pint --test

Documentation

Full docs are available in the docs directory:

Security

Keep EXILE_HASH_KEY private. Exile uses keyed HMAC hashes for IP and device matching. Human-readable IP addresses and CIDR ranges are encrypted at rest using Laravel's encryption system.

Do not use device fingerprints as a sole identity signal. Treat them as one moderation indicator alongside account history, IP context, and human review.

If you discover a security vulnerability, please report it privately instead of opening a public issue.

Credits

Built by Eloquent Works.

License

The MIT License.

统计信息

  • 总下载量: 0
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 0
  • 点击次数: 2
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 0
  • Watchers: 0
  • Forks: 0
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2026-07-13

承接程序开发

PHP开发

VUE

Vue开发

前端开发

小程序开发

公众号开发

系统定制

数据库设计

云部署

网站建设

安全加固