jnarvaezp/social-profile
Composer 安装命令:
composer require jnarvaezp/social-profile
包简介
Store and manage social media links for customers and staff
README 文档
README
A TastyIgniter v4 extension to store and manage social media links (WhatsApp, Telegram, Instagram, Facebook, TikTok) for customers and admin users, with a full REST API and audit logging.
Features
- Custom Admin UI — Individual labeled text fields for each social platform in Customer and Staff User forms
- REST API —
GET/PUTendpoints for reading and updating social links via Sanctum tokens - Input Validation — Only allowed platforms, string values, max 255 chars per link
- Audit Logging — Dedicated daily log file with IP, user agent, before/after states
- Multi-model Support — Links stored on both
customersandadmin_userstables - JSON Storage — Single nullable JSON column per model (no extra tables)
Supported Platforms
| Platform | Icon | Example Value |
|---|---|---|
fa-whatsapp |
+56912345678 |
|
| Telegram | fa-telegram |
@username |
fa-instagram |
@username |
|
fa-facebook |
https://facebook.com/username |
|
| TikTok | fa-tiktok |
@username |
Requirements
- TastyIgniter v4.0+
- ti-ext-api extension installed and enabled
- PHP 8.1+
- MySQL 5.7+ or MariaDB 10.3+ (JSON column support)
Installation
Via Composer (recommended)
cd /path/to/tastyigniter
composer require jnarvaezp/social-profile
php artisan migrate
Manual Installation
- Download or clone this repository into your
extensions/directory:
git clone git@github.com:jnarvaezp/plugin-tastyigniter-socialmedia-profile.git extensions/igniter/social-profile
- Run migrations:
php artisan migrate
-
Enable the extension from Admin > Manage > Extensions.
-
Clear cache:
php artisan config:clear php artisan cache:clear
Database Schema
This extension adds a single JSON column to two existing tables:
-- Customers table ALTER TABLE customers ADD social_links JSON NULL AFTER last_seen; -- Admin users table ALTER TABLE admin_users ADD social_links JSON NULL AFTER last_seen;
Example stored value:
{
"whatsapp": "+56987654321",
"telegram": "@mariagonzalez",
"instagram": "@mariag",
"facebook": "https://facebook.com/mariag",
"tiktok": "@mariag2026"
}
Admin UI
After installation, edit any Customer or Staff User in the Admin panel. A "Social Links" tab appears with 5 labeled text fields — one per platform.
The custom SocialLinksWidget handles:
- Reading the JSON column and populating each field
- Collecting field values and encoding to JSON on save
REST API
The extension registers two API endpoints via TastyIgniter's ApiManager.
Authentication
All requests require a Sanctum Bearer token. Generate one:
php artisan igniter:api-token --name=my_device --email=admin@example.com --admin
Or via POST:
curl -X POST https://your-site.com/api/token \
-d "email=admin@example.com&password=your_password&device_name=my_device&is_admin=1"
Endpoints
Get Social Links
GET /api/social-links/{customer_id}
Request:
curl -H "Authorization: Bearer YOUR_TOKEN" \ -H "Accept: application/json" \ https://your-site.com/api/social-links/1
Response:
{
"data": {
"type": "sociallinkscontroller",
"id": "1",
"attributes": {
"customer_id": 1,
"social_links": {
"whatsapp": "+56912345678",
"telegram": "@mariagonzalez"
}
}
}
}
Update Social Links
PUT /api/social-links/{customer_id}
Request:
curl -X PUT \
-H "Authorization: Bearer YOUR_TOKEN" \
-H "Content-Type: application/json" \
-d '{"social_links":{"whatsapp":"+56999999999","telegram":"@new_username"}}' \
https://your-site.com/api/social-links/1
Response:
{
"data": {
"type": "sociallinkscontroller",
"id": "1",
"attributes": {
"customer_id": 1,
"social_links": {
"whatsapp": "+56999999999",
"telegram": "@new_username"
}
}
}
}
Error Responses
401 Unauthorized (no token):
{"message": "Unauthenticated."}
422 Validation Error (invalid platform):
{
"message": "422 Unprocessable Content",
"errors": {
"social_links": ["Plataformas no permitidas: linkedin"]
}
}
422 Validation Error (non-string value):
{
"message": "422 Unprocessable Content",
"errors": {
"social_links": ["El valor de whatsapp debe ser texto."],
"social_links.whatsapp": ["The social_links.whatsapp must be a string."]
}
}
Validation Rules
| Rule | Description |
|---|---|
| Allowed platforms | Only whatsapp, telegram, instagram, facebook, tiktok |
| Value type | Must be a string |
| Value length | Max 255 characters per link |
| Total size | Max 2048 characters (entire JSON) |
| Empty values | Rejected (cannot send empty string) |
| Null | Allowed (field is nullable) |
Logging
The extension creates a dedicated log channel at:
storage/logs/social-profile-YYYY-MM-DD.log
- Daily rotation with 30-day retention
- Show events: logs customer_id, IP, user agent
- Update events: logs customer_id, IP, before state, input, after state
Example log entry:
[2026-04-25 18:00:02] local.INFO: social_links.update.request
{"customer_id":9,"ip":"127.0.0.1",
"before":{"telegram":"@old","whatsapp":"+56912345678"},
"input":{"whatsapp":"+56999999999","telegram":"@new"}}
Architecture
extensions/igniter/social-profile/
├── config/
│ └── social_profile.php # Platform definitions
├── database/migrations/
│ ├── ..._add_social_links_to_customers.php
│ └── ..._add_social_links_to_admin_users.php
├── resources/views/_partials/formwidgets/sociallinks/
│ └── sociallinks.blade.php # Widget template (5 inputs)
└── src/
├── Extension.php # Boot: form fields, validation, API, logging
├── FormWidgets/
│ └── SocialLinksWidget.php # Custom admin form widget
├── ApiResources/
│ ├── Repositories/
│ │ └── SocialLinksRepository.php # Data layer (array to JSON encode)
│ ├── Requests/
│ │ └── SocialLinksRequest.php # API validation
│ └── Transformers/
│ └── SocialLinksTransformer.php # Fractal response transformer
└── Http/Controllers/
└── SocialLinksController.php # REST controller + audit logging
Security
| Aspect | Status |
|---|---|
| Sanctum token auth | Required on all API endpoints |
| Token abilities | social-links:* required |
| Platform whitelist | Only 5 allowed platforms |
| Input validation | String type, max 255 per value, max 2048 total |
| SQL injection | Protected by Eloquent ORM |
| XSS (Admin UI) | Blade {{ }} auto-escapes |
| CSRF (Admin UI) | Standard Laravel CSRF middleware |
| Rate limiting | Laravel ThrottleRequests (60 req/min) |
| Audit logging | All reads and writes logged with IP |
Permissions
The extension registers the Admin.SocialProfile permission. Assign it to admin roles that should manage social links.
Contributing
- Fork the repository
- Create your feature branch:
git checkout -b feature/my-feature - Commit your changes:
git commit -am 'Add my feature' - Push to the branch:
git push origin feature/my-feature - Open a Pull Request
License
This project is licensed under the MIT License — see the LICENSE file for details.
统计信息
- 总下载量: 1
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 0
- 点击次数: 12
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2026-04-30